On the anniversary of the TSA’s updates to cybersecurity requirements for passenger and freight railroad carriers, the focus remains on building cyber-resilient systems, proactive security tools, and rail-specific cybersecurity strategies.
Industrial Cyber News Editor Anna Ribeiro writes that some of the key cybersecurity measures for railroad carriers include network segmentation, access controls for critical cyber systems, continuous monitoring, and reducing the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers, and firmware on critical cyber systems.
Looking back at the progress made so far, John Terrill, CISO at Phosphorus, says:
“The first step is getting governance in place and basic controls โ that was the original directive. I canโt say that the outcomes are materially better yet โ but this is part of the journey of maturing a security program. The next step is making incremental progress in developing those controls and capabilities.โ
Read more about this groundwork laid for the railroad sector at Industrial Cyber.
Related Posts
In the wake of the CrowdStrike incident, the US Cybersecurity and Infrastructure Security Agency...
Australia’s ambitious Cyber Security Act, its first standalone piece of cybersecurity legislation, introduces new...
