• SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us

Call us today! 844-OCD-TECH

Find our Location
OCD TechOCD Tech
  • SecurePath for Auto Dealers
  • Services
    • SOC Reporting Services
      • SOC 2® Readiness Assessment
      • SOC 2® Reports
      • SOC 3® Reports
      • SOC for Cybersecurity® Reports
    • IT Advisory Services
      • IT Vulnerability Assessment
      • Network Penetration Testing
      • Privileged Access Management
      • Social Engineering Testing
      • Virtual CISO (vCISO)
      • Written Information Security Program (“WISP”)
      • IT General Controls Audit & Compliance
    • IT Government Compliance
      • CMMC Cybersecurity Services & Compliance
      • DFARS Compliance
      • FTC Safeguards Compliance
  • Industries
    • Financial Services
    • Government
    • Auto Dealerships
    • Enterprise
  • Blog
  • About Us
    • Meet The Team
    • Jobs
  • Contact Us
OCD TECH. TSA NEW CYBERSECURITY RULES

TSA new cybersecurity rules

March 14, 2023 Posted by OCD Tech Cybersecurity, News

OCD Tech believes stay informed is the best way to stay protected, read this interesting article from The Washington Post and the TSA to know the latest announced cybersecurity rules.

The US Transportation Security Administration (TSA) has announced new cybersecurity rules for airport and aircraft operators, which prioritizes the development of network segmentation policies and controls.

It marks the latest set of cyber rules for the aviation sector imposed by TSA. The newer set of rules requires the pertinent airports and operators to develop security plans for defending things like who has access to networks, then seek TSA approval for them.

TSA Administrator David Pekoske said in a news release that “Protecting our nation’s transportation system is our highest priority,” and TSA will work closely with industry to boost cybersecurity.

The latest mandates arrive after Friday’s Environmental Protection Agency rules for the water sector, and less than a week after the Biden administration released a national cybersecurity strategy that reflects the administration’s shift toward embracing regulation to secure critical infrastructure.

While the aviation rules already had been in the works, they follow a series of incidents in the sector in recent months that affected, airport websites, navigation and flight tools, passenger data and the TSA “no-fly” list.

The rules

TSA previously directed affected airports and airline operators to designate a cybersecurity coordinator, report cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency within 24 hours, develop a plan for responding to cyber incidents and conduct a vulnerability assessment.

The TSA new cybersecurity rules announced March 7 2023, require individual airports and airline operators to develop an implementation plan featuring a number of security precautions, like patching and continuous monitoring for threats.

TSA has diluted some initial industry objections to cyber rules for other sectors it regulates by making them “performance-based,” meaning that the agency is less focused on how entities meet the goals than the final outcome.

The administration has said it extended existing TSA authorities to cover the writing of its cyber rules. In all, according to an administration breakdown, the existing powers could cover 80 airports, 21 passenger airlines and four cargo lines.

The move is part of TSA’s efforts, which requires critical transportation sector operators to combat cybersecurity risks.

It comes in the wake of continuous cybersecurity threats hitting the country’s critical infrastructure, including the aviation industry.

Source: TSA, Washington Post

Share
0
Avatar photo

About OCD Tech

We provide independent and objective assurance of your IT controls. Using industry recognized frameworks and best practices, we assess your company’s technology risks and evaluate existing controls for risk mitigation. Your business processes are constantly evolving. We ask you, are your IT controls keeping up?

You also might be interested in

OCD TECH CYBERSECURITY MONTH

SAFE PASSWORD

Oct 24, 2023

🔐Protect your digital world, protect your data, your privacy, and[...]

Don’t Let the Cloud Rain on Your DFARS Compliance

Don’t Let the Cloud Rain on Your DFARS Compliance

Jun 19, 2018

Cloud computing has become ubiquitous in how we operate our[...]

Introduction to SHIELD by OCD Tech: Cybersecurity for SMBs

Introduction to SHIELD by OCD Tech: Cybersecurity for SMBs

Nov 4, 2024

In today’s digital landscape, cybersecurity threats aren’t limited to large[...]

Find us on

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Send Message
OCD Tech logo Audit. Security. Assurance.

IT Audit | Cybersecurity | IT Assurance | IT Security Consultants – OCD Tech is a technology consulting firm serving the IT security and consulting needs of businesses in Boston (MA), Braintree (MA) and across New England. We primarily serve Fortune 500 companies including auto dealers, financial institutions, higher education, government contractors, and not-for-profit organizations with SOC 2 reporting, CMMC readiness, IT Security Audits, Penetration Testing and Vulnerability Assessments. We also provide dark web monitoring, DFARS compliance, and IT general controls review.

Contact Info

  • OCD Tech
  • 25 BHOP, Suite 407, Braintree MA, 02184
  • 844-623-8324
  • https://ocd-tech.com

Follow Us

Videos

Check Out the Latest Videos From OCD Tech!

Services

SOC Reporting Services
– SOC 2 ® Readiness Assessment
– SOC 2 ®
– SOC 3 ®
– SOC for Cybersecurity ®

IT Advisory Services
– IT Vulnerability Assessment
– Penetration Testing
– Privileged Access Management
– Social Engineering
– WISP
– General IT Controls Review

IT Government Compliance Services
– CMMC
– DFARS Compliance
– FTC Safeguards vCISO

Industries

  • Financial Services
  • Government
  • Enterprise
  • Auto Dealerships

© 2025 — OCD Tech: IT Audit - Cybersecurity - IT Assurance

  • OCD Tech
  • About Us
  • Contact Us
Prev Next