TSA directs freight railroads to bolster cybersecurity, report incidents

Directive addresses some industry concerns, AAR says

Chemical rail cars sit on a track to illustrate an article about new cybersecurity requirements in the freight rail sector.

Freight rail operators will need to report cyber incidents within 24 hours starting Dec. 31. (Photo: Jim Allen/FreightWaves)

Freight railroads will be required to report cyber incidents within 24 hours as part of a new Transportation Security Administration directive issued Thursday aimed at strengthening cybersecurity in the sector.

The directive, which takes effect Dec. 31, also mandates that all freight rail operators designate a cybersecurity coordinator, develop an incident response plan and conduct a vulnerability assessment. TSA also issued similar directives for passenger rail and public transit operators.

“These new cybersecurity requirements and recommendations will help keep the traveling public safe and protect our critical infrastructure from evolving threats,” Homeland Security Alejandro Mayorkas, who previewed the measure in October, said in a statement. “DHS will continue working with our partners across every level of government and in the private sector to increase the resilience of our critical infrastructure nationwide.”

The Association of American Railroads said the final directive had addressed some of its most significant concerns. The association said the industry had already been taking cybersecurity security seriously.


“For the better part of two decades, railroads have thoughtfully coordinated with each other and government officials to enhance information security, which has proven to be an effective, responsive way of addressing evolving threats,” AAR President and CEO Ian Jefferies said in a statement. 

“Let there be no mistake — railroads take these threats seriously and value our productive work with government partners to keep the network safe.”

The new cybersecurity requirements come as ransomware attacks continue to target companies across the country, sometimes with devastating impacts on operations. 

While no U.S. freight railroad has experienced a catastrophic incident, CSX and short-line operator OmniTrax were targeted in ransomware attacks earlier this year.


Read more

Click for more FreightWaves articles by Nate Tabak

Exit mobile version