Skip to Content

TSA Seeks Comments on Strengthening Pipeline and Rail Cybersecurity and Resiliency

Updated on 2022-11-30: TSA Seeks Comments on Strengthening Pipeline and Rail Cybersecurity and Resiliency

The US Transportation Security Administration (TSA) has published an advance notice of proposed rulemaking “regarding ways to strengthen cybersecurity and resiliency in the pipeline and rail (including freight, passenger, and transit rail) sectors.” TSA is accepting public comments through January 17, 2023.


  • Are the cybersecurity requirements for both the pipeline and rail sectors really that unique? Each of the critical infrastructure sectors share more in common when it comes to developing cybersecurity best practices. What’s needed is a common and prioritized set of safeguards to achieve a baseline cybersecurity posture. The good news, one exists [CIS Critical Security Controls] and is measurably effective against the top five attack types.
  • Note that comments can only be accepted via the Federal eRulemaking Portal, US Mail, or Fax and must be submitted by January 17th, 2023. The eRulemaking portal is going to be your best bet here. The proposed rulemaking includes goals such as common security frameworks, segmentation, patching and access controls; the need is for those with experience in the field to review and make sure they can be accomplished.
  • Publishing for comment is good practice for regulators.


Updated on 2022-10-24: New TSA cybersecurity directive

The Transportation Security Administration (TSA) unveiled new cybersecurity regulations for passenger and freight railroad carriers last week. The new rules take effect on October 24 and will last one year. Railroad companies are now mandated to deploy network segmentation policies that separate OT systems from other IT networks—in case of compromise. In addition, carriers will also have to deploy threat detection systems and timely patches for operating systems, applications, drivers, and firmware. Read more:

Overview: US Transportation Security Administration Publishes Rail Cybersecurity Guidance

The US Transportation Security Agency (TSA) has published cybersecurity guidelines for freight and passenger rail systems. The directive was developed to comply with the White House’s effort to strengthen the cybersecurity of the country’s infrastructure. Among the requirements: develop network segmentation policies and controls; create access control measures; build continuous monitoring and detection policies and procedures; and keep operating systems, applications, firmware, and drivers patched in a timely manner.


  • This continues the movement to raise the bar across critical sector areas. This guideline extends the earlier 1580-21-01 security directive which went into effect December 31, 2021. Requirements include not only implementing enhanced security measures but also establishes an annual assessment plan as well as regular and proactive assessment activities. Rail System operators are expected to share data with TSA who will likely share it with DHS/CISA to identify vulnerabilities, track trends and cyber security incidents.


Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.