Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Senators Ask DHS, DOT About Transportation Infrastructure Cybersecurity

Several U.S. senators have sent a letter to the Department of Homeland Security (DHS) and the Department of Transportation (DOT), requesting information about the cybersecurity of the nation’s transportation infrastructure.

Several U.S. senators have sent a letter to the Department of Homeland Security (DHS) and the Department of Transportation (DOT), requesting information about the cybersecurity of the nation’s transportation infrastructure.

The letter was signed by 10 republican and democrat senators led by Jacky Rosen (D-NV) and Roger Wicker (R-MS).

The lawmakers want information on the two departments’ capabilities when it comes to detecting, preventing and responding to cyberattacks. Specifically they are seeking information on how the DHS and DOT are meeting their six responsibilities, as described in the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021.

These responsibilities include supporting risk sector management, assessing sector risk, sector coordination, facilitating information sharing, supporting incident management, and contributing to emergency preparedness efforts.

The senators have also requested information on how the two organizations are collaborating in an effort to avoid gaps and redundancies in risk management, as well as on plans to update the Transportation Systems Sector-Specific Plan from 2015, to ensure that it’s in line with the current threat landscape.

The lawmakers have pointed out that cyber threats to transportation systems are expected to increase, and provided the recent Colonial Pipeline incident as an example. Their letter also cites a study conducted last year by the Mineta Transportation Institute, which found that only 60% of transit agencies had a cybersecurity plan in place.

“We recognize that DHS and DOT have the complex and enormous responsibility of ensuring the security and resilience of the nation’s transportation systems, supporting the systems’ ability to quickly, safely, and securely move people and goods throughout the country and overseas,” the senators wrote.

The Transportation Security Administration (TSA) in December announced new directives and recommendations aimed at strengthening the cybersecurity defenses of rail and airport operators.

The new directives require most operators to identify a cybersecurity point person, report incidents to CISA within 24 hours, conduct vulnerability assessments, and develop contingency and recovery plans.

Related: Chinese Hackers Spotted Targeting Transportation Sector

Related: Transportation Agency Hacked in 2nd Texas Government Attack

Related: Overcoming Security Challenges in the Transport and Logistics Sector

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

CISO Conversations

In this edition of CISO Conversations, SecurityWeek speaks to two city CISOs, from the City of Tampa, and from Tallahassee. 

Management & Strategy

Tips for making a presentation that will help improve the state of security programs and reflect favorably on the presenters and their companies