Hello, Guest.!

TSA Requests Feedback on CRM Requirements for Pipeline, Rail Sectors

1 min read

The Department of Homeland Security’s Transportation Security Administration is seeking public comments to inform the development of cybersecurity requirements for the pipeline and rail sectors

TSA is looking to understand how the pipeline and rail owners and operators are implementing cyber risk management policies and assess the need to develop new regulations or update existing regulations to address CRM, according to an advance notice of proposed rulemaking published Wednesday in the Federal Register. 

Focus areas of interest to the agency in their requests are economic burdens, management, oversight, regulatory barriers, standards, training and education, as they pertain to CRM development and implementation.

TSA is also seeking public input on the use of third-party organizations to help oversee CRM compliance in the pipeline and rail sectors.

The rulemaking also focuses on incentivizing the adoption of cybersecurity and resilience measures and maximizing the ability of owners and operators to meet emerging cybersecurity threats.

In July, TSA revised its cybersecurity requirements for oil and natural gas pipelines to reflect input from industry and federal partners, including the Cybersecurity and Infrastructure Security Agency.