The Transportation Security Administration has released a pair of directives to bolster cybersecurity of systems and infrastructure within the U.S. surface transportation sector.
Freight and passenger rail operators must create an incident response plan and undergo assessments to identify any system vulnerability, TSA said Thursday.
The agency is also requiring train service providers to appoint a cybersecurity coordinator and inform the Cybersecurity and Infrastructure Security Agency when they experience a breach within a 24-hour period.
TSA also developed guidance to encourage lower-risk surface transportation owners to voluntarily adopt the new rules and said the agency intends to implement the new requirements in the aviation industry.
In late November, TSA issued a request for information on potential contractors that could help stand up an information sharing and analysis center to produce public transit situational awareness data.