New TSA Rail Cybersecurity Rule Shows Trend Toward Prescriptive Mandates
The Transportation Security Administration issued a new cybersecurity directive to enhance cybersecurity preparedness and resilience for designated passenger and freight railroads. The requirements focus on performance-based measures to achieve critical cybersecurity outcomes in light of the growing sophistication of evolving threats.
The directive is effective as of October 24, 2023, and companies will need to comply by February 21, 2023. Directive 1580/82-2022-01, Rail Cybersecurity Mitigation Actions and Testing, will replace the cybersecurity directive the TSA issued last December.
Perkins on Privacy
Perkins on Privacy keeps you informed about the latest developments in privacy and data security law. Our insights are provided by Perkins Coie's Privacy & Security practice, recognized by Chambers as a leading firm in the field. Subscribe 🡢