What you need to know about the Recent Emergency Amendments issued by the Transportation Security Administration
The recent increase in cyberattacks on critical U.S. infrastructure has prompted the Transportation Security Administration (TSA) to announce new emergency amendments to help enhance security programs and create greater protections for TSA-regulated airports and aircraft operators by focusing on performance-based measures.
Last October, more than a dozen U.S. airports were affected by a cyberattack that forced customer-facing websites offline for some of the nation’s busiest airports.
While the attack did not impact the systems that manage air control operations, it did disrupt the passenger experience. Travelers were unable to check flight status and other travel-related information on airport websites. The distributed denial of service attacks (DDoS) further identified potential vulnerabilities that exist within in critical U.S. infrastructure and the need to scale up efforts to protect the transportation industry against potentially larger attacks in the future.
In March 2023, the TSA announced new emergency cybersecurity amendments that will require some airports and aircraft operators to develop and implement a plan that describes the measures needed to improve their cyber resilience against potential attacks and prevent future disruption from occurring. TSA-regulated airports and aircraft operators must also actively assess the effectiveness of these measures by applying the following practices:
Develop segmented protocols and controls that enable operational technology (OT) systems to continue to operate if IT has been compromised
Create access control policies that safeguard and prevent unauthorized access to critical cyber systems.
Perform continuous monitoring and detection policies and measures to defend against, detect and respond to cybersecurity threats and anomalies that affect critical cyber system operations
Minimize system vulnerabilities and potential risks to unpatched networks by applying security patches and updates for operating systems, applications, drivers and firmware or critical cyber systems in a timely manner using risk-based methodology
Need help interpreting or complying with the new cybersecurity requirements?
Honeywell offers a complete portfolio of offerings to help enable your airport’s OT system to meet these new TSA regulations. Talk to one of our experts to learn how you can deploy the necessary solutions to augment your airport’s cybersecurity safety. Our experts can help you better understand the new measures, deploy solutions that meet your budgetary needs, and help you better protect your infrastructure from potential disruptions.