The TSA’s new emergency cybersecurity amendment published on March 7, 2023, impacts all TSA-regulated aviation operators. The focus of the amendment is resiliency, deterrence, and survivability of critical transportation infrastructure. The amendment's broad scope and compliance requirements will require affected operators to proactively assess the effectiveness of their current systems and develop enhanced measures to meet the new responsibilities. Here are the key points:
- Network segmentation policies to allow critical technology systems to continue to operate in case of a cyber attack
- Access control measures to prevent unauthorized access to systems
- Continuous monitoring detection policies & procedures to quickly respond to system threats
- Timely system updates using a risk-based methodology
Although the new expectations can seem overwhelming, aviation operators can undertake and implement certain solutions to ensure their systems comply with new TSA regulations quickly and efficiently.
Taking the time to evaluate current systems will allow your team to identify potential vulnerabilities in your infrastructure and develop measures to address them proactively. Once this audit is complete and the gaps have been identified, developing a roadmap to address the concerns is the next step. By creating this roadmap and clearly defining long-term goals, strategic checkpoints focused on security posture, risk-prioritization, and vulnerabilities may be initiated and achieved. Partnering with an industry-savvy consultant can ensure the vital requirements outlined by the TSA are successfully implemented with state-of-the-art solutions.
FPT Software has the expertise and experience to handle these requirements in the aviation industry.
"To prepare for an IT Security Audit, we needed a trusted partner to take an unbiased look at our existing security controls. FPT Software conducted a methodical review of our systems, extensive interviews across our team, and then mapped our maturity against industry benchmarks and delivered a comprehensive cybersecurity maturity assessment to help us understand our current state. Their team of experts also produced a comprehensive report covering NIST CSF 1.1 categories and a cybersecurity roadmap to guide us through addressing the gaps uncovered in our system. Beyond pure technical preparedness, we have greater control over our information assets.”
By leveraging FPT Software's comprehensive suite of cybersecurity solutions and services, operators can be assured their security infrastructure is up to date, their risk management processes are in place, and they are compliant with TSA's new regulations. View our full line of aviation services here.