DHS provides cyber requirements for transportation enterprise
Homeland Safety Secretary Alejandro Mayorkas introduced on Wednesday thOn The federal authorities will add requirements for cybersecurity information sharing to corporations Inside the transportation sector.
The transfer comes as DHS is Inside the midst of a 60-day “dash” launched in September Specializing in transportation enterprise cybersecurity, Mayorkas said in a speech On the Billington Cybersecurity Summit.
The Coast Guard is growing its oversight of maritime cybersecurity with the deployment of cybersecurity personnel to U.S. ports To oversee planning, response and restoration. Mayorkas additionally introduced that 2,300 “maritime entities” are charged with sharing cybersecurity plans with the Coast Guard and following up on any weaknesses recognized in these plans.
Furtherextra, the Transportation Safety Administration is taking a extra extreme-profile position in managing railroad enterprise cybersecurity. Beneath a security directive to be issued later this yr, “greater hazard” rail freight and rail transit corporations Shall be required to designate a cybersecurity contact For prefacetncy and to report incidents to the Cybersecurity and Infrastructure Safety Agency.
On the aviation facet, TSA is planning new requirements for essential enterprise gamers, collectively with airport operators, moveenger airways and cargo plane operators, To name a cybersecurity contact and report incidents to CISA.
The transfer symbolizes the persevering with enlargement of TSA’s formal position as a cybersecurity regulator. In the wake of the Colonial Pipeline hack, TSA issued two mannequins of guidelines governing cybersecurity preparedness and reporting in that enterprise.
“Taken collectively, these parts — a devoted level of contact, cyber incident reporting and contingency planning — symbolize the naked minimal of right now’s cybersecurity biggest practices,” Mayorkas said in his speech.
Cyber funds advance in Senate
The Senate Homeland Safety and Government Affairs Committee superior two gadgets of cybersecurity legal guidelines on Wednesday.
The Cyber Incident Reporting Act of 2021 mannequins a 72-hour reporting requirement for breaches and completely different incidents at coated corporations, which embrace essential infrastructure corporations. Furtherextra, the legal guidelines requires coated corporations to report any ransomware funds made to hackers within 24 hours. The invoice additionally mannequins up A mannequin new office at CISA to acquire reviews from coated corporations. That invoice did advance, However it drew some opposition from committee Republicans As a Outcome of of scope of security — presently extfinishing to small companies with 50 or extra staff. The invoice was amfinished to besides obligatory disclosures required under the legal guidelines from being embraced in discovery in litigation initiated over cybersecurity breaches.
Earlier this yr a bipartisan group of lawmakers on the Senate Choose Committee on Intelligence launched Their very personal invoice that mannequins a 24-hour clock for essential infrastructure operators and federal contractors to report cybersecurity incidents.
The Federal Information Safety Modernization Act of 2021 requires federal civilian enterprisees to report breaches to CISA and the Office of Administration and Price range, and it embraces new authorities that make CISA the lead agency on cybersecurity incidents affecting federal civilian agency networks. That invoice was superior with out objection.
Sen. Gary Peters (D-Mich.), the chairman of the committee, introduced his intention So as to add each gadgets of legal guidelines to the Nationbroad Protection Authorization Act, which lawmakers hope to move earlier than The prime of the calfinishar yr.
Adam Mazmanian is authorities editor of FCW.
Before becoming a member of the modifying group, Mazmanian was an FCW staff author overlaying Congress, authorities-broad know-how coverage and the Division of Veterans Affairs. Earlier to becoming a member of FCW, Mazmanian was know-how correspondent for Nationbroad Journal and served in Pretty a Little bit of editorial positions at B2B information service SmartBrief. Mazmanian has contributed critiques and articles to the Washington Submit, the Washington Metropolis Paper, Newsday, Ny Press, Architect Journal and completely different publications.
Click on right here for previous articles by Mazmanian. Join with him on Twitter at @thisismaz.