41.2 F
Washington D.C.
Thursday, December 12, 2024

GAO: TSA Cybersecurity Efforts Show Progress, But Gaps Remain in Mitigating Ransomware Risks

The Transportation Security Administration (TSA) is taking steps to strengthen cybersecurity across the nation’s transportation systems, but additional actions are required to address vulnerabilities effectively, particularly in the face of ransomware attacks according to a new GAO report. The Government Accountability Office (GAO) has highlighted key areas where TSA’s cybersecurity initiatives show promise and where critical gaps remain.

The TSA, as part of the Department of Homeland Security (DHS), oversees the security of the nation’s transportation sector, which includes freight rail, passenger rail, pipelines, and other critical infrastructure. In response to increasing cyber threats, TSA has issued five security directives since May 2021 to mitigate risks, particularly after a significant ransomware attack on a U.S. pipeline company. These directives, developed with industry feedback, aim to strengthen the cybersecurity posture of the transportation systems sector.

In November 2024, TSA issued a notice of proposed rulemaking to formalize cybersecurity requirements for surface transportation owners and operators. This rule builds on performance-based cybersecurity requirements outlined in earlier directives. However, GAO has raised concerns that these measures do not fully align with best practices for mitigating ransomware risks, which have become increasingly disruptive to transportation systems.

GAO has identified several challenges in TSA’s cybersecurity approach. For instance, while TSA has worked to address risks associated with internet-connected devices within the transportation sector, it has yet to develop effective metrics to measure the success of its efforts. Furthermore, TSA has not conducted sector-wide cybersecurity risk assessments specific to these devices, leaving gaps in understanding and mitigating potential vulnerabilities.

GAO recommended in prior reports that DHS assess the adoption of leading cybersecurity practices across the transportation systems sector, particularly to combat ransomware. GAO also advised TSA to develop a sector-specific plan with clear metrics and to include internet-connected devices in sector-wide risk assessments. As of November 2024, these recommendations have not been fully implemented, limiting TSA’s ability to comprehensively address cybersecurity risks.

The GAO’s findings underscore the persistent threats facing transportation systems and the need for a more robust and measurable cybersecurity framework. Domestic and foreign adversaries continue to view critical infrastructure as a strategic target due to its potential for widespread disruption.

GAO has issued six recommendations to DHS and TSA to enhance cybersecurity in the transportation sector. While DHS and TSA have expressed agreement with these recommendations, only one has been fully implemented to date. GAO continues to monitor TSA’s progress in addressing these issues.

Read the full GAO report here.

Matt Seldon
Matt Seldon
Matt Seldon, BSc., is an Editorial Associate with HSToday. He has over 20 years of experience in writing, social media, and analytics. Matt has a degree in Computer Studies from the University of South Wales in the UK. His diverse work experience includes positions at the Department for Work and Pensions and various responsibilities for a wide variety of companies in the private sector. He has been writing and editing various blogs and online content for promotional and educational purposes in his job roles since first entering the workplace. Matt has run various social media campaigns over his career on platforms including Google, Microsoft, Facebook and LinkedIn on topics surrounding promotion and education. His educational campaigns have been on topics including charity volunteering in the public sector and personal finance goals.

Related Articles

- Advertisement -

Latest Articles