With ongoing cyber security threats against U.S. critical infrastructure, the federal government is implementing a national security strategy to increase resilience. The U.S. Department of Homeland Security is pushing for more proactive measures in the transportation sector, including a new directive for airport and aircraft operators.
At least one vulnerability was found in 84% of code bases that rely on open-source data in industries including aviation. The Transportation Security Administration’s (TSA) new cyber security directive requires certain TSA-regulated airport and aircraft operators to improve their cyber security posture. The amendment to aviation security programs extends the performance-based requirements of other critical transportation system infrastructure—such as passenger and freight railroad carriers—to the aviation industry.
Directive requirements
While previous requirements included reporting significant cyber security incidents to the Cybersecurity and Infrastructure Security Agency (CISA), establishing a cyber security point of contact, developing and adopting a cyber security incident response plan, and completing a cyber security vulnerability assessment, the new emergency amendment focuses on performance-based measures that operators must follow to protect their systems from cyber threats.
This includes developing an approved implementation plan that specifies how airports and aircraft operators are managing their cyber security risk. They must proactively assess the effectiveness of these measures, which include the following actions:
- Develop network segmentation policies and controls to ensure that operational technology systems can continue to safely operate in the event that an information technology system has been compromised, and vice versa.
- Create access control measures to secure and prevent unauthorized access to critical cyber systems.
- Implement continuous monitoring and detection policies and procedures to defend against, detect, and respond to cybersecurity threats and anomalies that affect critical cyber system operations.
- Reduce the risk of exploitation of unpatched systems through the application of security patches and updates for operating systems, applications, drivers, and firmware on critical cyber systems in a timely manner using a risk-based methodology.
As teams develop their cyber security implementation plan, it’s important to consider how network segmentation policies and controls can prevent disruptions to the operational technology system if the information technology system is compromised, or vice versa, access control measures for local and remote access, monitoring and detection of threats through malicious email, websites, etc., and additional mitigations where patches or updates are not installed.
How SecurityGate can help
While adhering to new TSA directive requirements can be a time consuming process, the SecurityGate Platform makes it easy for airports and aircraft operators to comply. Users can simply log in to their account and click on the icon in their dashboard to begin running a Q&A framework-based assessment.
Users will then walk through a set of questions associated with each section of the framework. Taking this assessment in a digital format in the SecurityGate Platform creates a centralized repository of documentation and eliminates paperwork.
Each question is mapped to a set of linked controls to help identify associated risks and tie them to our People Process and Technology (PPT) Insight to highlight missing controls and better understand where to make improvements. In this way, the SecurityGate Platform, in combination with the critical infrastructure expertise of our team, makes it easy for airports and aircraft operators to meet TSA directives and prevent disruption and degradation to their infrastructure while also supporting safe, secure, and efficient travel for the public.
SecurityGate is continuing to follow current events to support our clients in complying with critical infrastructure security requirements. As more directives are released, our team will maintain our library of out-of-the-box cyber assessments and frameworks for aviation and other industries. Users can count on the SecurityGate Platform as the only solution cyber security teams can trust to assess, improve, and document risk.
To learn more, reach out to our team or book a demo to get started.
