The Transportation Security Administration issued a new cybersecurity directive to enhance cybersecurity preparedness and resilience for designated passenger and freight railroads. The requirements focus on performance-based measures to achieve critical cybersecurity outcomes in light of the growing sophistication of evolving threats.

The directive is effective as of October 24, 2023, and companies will need to comply by February 21, 2023. Directive 1580/82-2022-01, Rail Cybersecurity Mitigation Actions and Testing, will replace the cybersecurity directive the TSA issued last December.

Click here to read the full Update.