New TSA Rail Cybersecurity Rule Shows Trend Toward Prescriptive Mandates
The Transportation Security Administration issued a new cybersecurity directive to enhance cybersecurity preparedness and resilience for designated passenger and freight railroads. The requirements focus on performance-based measures to achieve critical cybersecurity outcomes in light of the growing sophistication of evolving threats.
The directive is effective as of October 24, 2023, and companies will need to comply by February 21, 2023. Directive 1580/82-2022-01, Rail Cybersecurity Mitigation Actions and Testing, will replace the cybersecurity directive the TSA issued last December.
Perkins on Privacy
Perkins on Privacy provides updates and insights on an array of privacy and data security legal issues, brought to you by Perkins Coie’s Chambers-ranked Privacy & Security practice. Subscribe 🡢