Connect with us

Hi, what are you looking for?


Management & Strategy

Senators Ask DHS, DOT About Transportation Infrastructure Cybersecurity

Several U.S. senators have sent a letter to the Department of Homeland Security (DHS) and the Department of Transportation (DOT), requesting information about the cybersecurity of the nation’s transportation infrastructure.

Several U.S. senators have sent a letter to the Department of Homeland Security (DHS) and the Department of Transportation (DOT), requesting information about the cybersecurity of the nation’s transportation infrastructure.

The letter was signed by 10 republican and democrat senators led by Jacky Rosen (D-NV) and Roger Wicker (R-MS).

The lawmakers want information on the two departments’ capabilities when it comes to detecting, preventing and responding to cyberattacks. Specifically they are seeking information on how the DHS and DOT are meeting their six responsibilities, as described in the William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021.

These responsibilities include supporting risk sector management, assessing sector risk, sector coordination, facilitating information sharing, supporting incident management, and contributing to emergency preparedness efforts.

The senators have also requested information on how the two organizations are collaborating in an effort to avoid gaps and redundancies in risk management, as well as on plans to update the Transportation Systems Sector-Specific Plan from 2015, to ensure that it’s in line with the current threat landscape.

The lawmakers have pointed out that cyber threats to transportation systems are expected to increase, and provided the recent Colonial Pipeline incident as an example. Their letter also cites a study conducted last year by the Mineta Transportation Institute, which found that only 60% of transit agencies had a cybersecurity plan in place.

“We recognize that DHS and DOT have the complex and enormous responsibility of ensuring the security and resilience of the nation’s transportation systems, supporting the systems’ ability to quickly, safely, and securely move people and goods throughout the country and overseas,” the senators wrote.

The Transportation Security Administration (TSA) in December announced new directives and recommendations aimed at strengthening the cybersecurity defenses of rail and airport operators.

Advertisement. Scroll to continue reading.

The new directives require most operators to identify a cybersecurity point person, report incidents to CISA within 24 hours, conduct vulnerability assessments, and develop contingency and recovery plans.

Related: Chinese Hackers Spotted Targeting Transportation Sector

Related: Transportation Agency Hacked in 2nd Texas Government Attack

Related: Overcoming Security Challenges in the Transport and Logistics Sector

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem