Yesterday, the OMB’s Office of Information and Regulatory Affairs (OIRA) announced that it had approved an notice of proposed rulemaking (NPRM) for TSA on “Enhancing Surface Cyber Risk Management”. The NPRM was sent to OIRA on February 16th, 2024. The advanced notice of proposed rulemaking for this rule was published on November 30th, 2022.
According to the Spring 2024 Unified Agenda entry for this rulemaking:
“On July 28, 2021, the President issued the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. In response to the ongoing threat to pipeline systems, TSA used its authority under 49 U.S.C. 114 to issue emergency security directives to owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions. TSA also issued security directives in the freight, passenger, and transit-rail sectors under the same statutory authority. TSA is committed to enhancing and sustaining industry’s resilience to cybersecurity attacks. TSA intends to issue a rulemaking that will permanently codify critical cybersecurity requirements for pipeline and rail modes. Through this rulemaking, TSA will also address certain requirements in the Implementing Recommendations of the 9/11 Commission Act of 2007 related to information and operational technology systems. TSA is committed to enhancing and sustaining cybersecurity for all modes of transportation and intends to issue a rulemaking that may codify these and other requirements following an opportunity for notice and comment. In addition to holding numerous technical roundtables with the industry regarding cybersecurity requirements, TSA also solicited public input in the development of this rulemaking through publication of an advance notice of proposed rulemaking in November 2022.
This should be published in the Federal Register in the next
couple of weeks.
No comments:
Post a Comment