What Do The New TSA Cybersecurity Regulations Mean for Airports – And How Can You Work Towards Compliance?
This month, the U.S. Transportation Security Agency (TSA) issued new cybersecurity requirements regarding aviation, demanding proactive steps to minimize the aviation industry’s vulnerability to cyberattacks.
The announcement of those requirements followed a similar step taken by TSA regarding railroads last October. Both of these announcements highlight the seriousness of the cyber dangers facing the transportation industry in the U.S. As TSA’s official press release states: “TSA is taking this emergency action because of persistent cybersecurity threats against U.S. critical infrastructure, including the aviation sector.”
The statement then goes on to list some specific steps that “impacted TSA-regulated entities” are required to take in order to strengthen their cybersecurity posture. To fully comply with these requirements, the U.S. aviation industry as a whole needs to significantly enhance its approach to managing and maintaining its connected physical security devices.
Why does the transportation industry need to protect its physical security devices?
The new requirements were announced just days after the Biden-Harris Administration introduced its new National Cybersecurity Strategy. The strategy document specifies that one of its “strategic objectives” is to improve the security situation of devices connected to the internet of things (IoT), which includes many physical security devices. It also notes that “many of the IoT devices deployed today are not sufficiently protected against cybersecurity threats.”
While that document goes well beyond the world of transportation, it’s important to keep in mind the danger that cybercrime poses to the transportation industry specifically. Notably, Secretary of the Department of Homeland Security (DHS) Alejandro Mayorkas named “the cybersecurity threat to ports” as the top threat facing those ports during a Senate hearing late last year. Those comments came weeks after cyberattacks on U.S. airports’ websites forced multiple public-facing websites to temporarily go offline, including the websites of some of the largest airports in the U.S.
Part of the problem for the transportation industry is that many of its physical security devices are not adequately managed operationally, making them an easy target for sophisticated cybercriminals. Without taking the necessary steps to keep those devices secure, key players in the world of transportation leave their physical security devices exposed to threat actors.
In other words, when not managed and maintained properly, the devices that are supposed to protect airports and other transportation hubs could actually be turned into an easy vector for hackers to carry out a cyberattack.
How to protect physical security devices from cyber threats
Many of the key steps that the transportation industry needs to take to mitigate cyber threats facing its physical security devices are relatively straightforward. The problem is that, given the scale and variety of its fleets of physical security devices, taking all of these steps is a massive, time-consuming, and expensive undertaking.
These key steps include:
- Rotating passwords regularly.
- Upgrading firmware whenever necessary.
- Managing certificates.
- Rapidly detecting anomalies in device performance.
- Replacing devices that are past their end of life.
Ensuring compliance with the new requirements automatically
The challenge of operationally managing physical security devices efficiently and reliably isn’t unique to the world of transportation. But given the importance of protecting key infrastructure such as airports, seaports, and railroads, major players in the world of transportation have a critical need to operationally manage those devices reliably and efficiently.
And following TSA’s new requirements for the aviation industry, entities such as airports and airlines have an even greater need for a sustainable and affordable approach to managing their physical security devices.
In the face of these challenges, the key to streamlining the operational management of physical security devices is automation. Automating all of the key steps involved in managing those devices offers airports, airlines, and others a cost-effective and dependable way to ensure that steps such as password rotations, firmware upgrades, and certificate management are taken as necessary.
An automated approach to the operational management of physical security devices also provides real-time monitoring of the status of those devices, helping to rapidly detect and diagnose anomalies in their performance. And this approach makes it easy to find out automatically when a device is nearing its end of life, so that it can be replaced promptly instead of becoming an easy target for hackers.
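The following added example, which is not from the original article or from SecuriThings, runs the five steps listed earlier as automated checks over a constructed device inventory. The thresholds, model names, firmware baselines and field names are assumptions chosen for illustration, and firmware versions are assumed to be dotted integers.

```python
from dataclasses import dataclass
from datetime import date, datetime, timedelta

# Thresholds and baselines are assumed values for illustration only.
MAX_PASSWORD_AGE = timedelta(days=90)
CERT_RENEW_WINDOW = timedelta(days=30)
MAX_SILENCE = timedelta(minutes=15)   # no heartbeat for this long counts as an anomaly
FIRMWARE_BASELINE = {"cam-x1": (2, 4, 1), "acs-door": (5, 0, 3)}  # constructed models

@dataclass
class Device:
    name: str
    model: str
    firmware: str
    password_set: date
    cert_expires: date
    end_of_life: date
    last_seen: datetime

def audit(dev, now):
    """Return one finding per management step the device currently fails."""
    today, findings = now.date(), []
    if today - dev.password_set > MAX_PASSWORD_AGE:
        findings.append("password-rotation-overdue")
    baseline = FIRMWARE_BASELINE.get(dev.model)  # a model with no baseline fails too
    # Compare versions numerically: as strings, "2.10.0" would sort below "2.4.1".
    if baseline is None or tuple(int(p) for p in dev.firmware.split(".")) < baseline:
        findings.append("firmware-below-baseline")
    if dev.cert_expires - today <= CERT_RENEW_WINDOW:
        findings.append("certificate-expired" if dev.cert_expires <= today else "certificate-expiring")
    if now - dev.last_seen > MAX_SILENCE:
        findings.append("device-silent")
    if dev.end_of_life <= today:
        findings.append("past-end-of-life")
    return findings

NOW = datetime(2023, 3, 20, 12, 0)
FLEET = [  # constructed inventory, not real devices
    Device("gate-12-cam", "cam-x1", "2.10.0", date(2023, 2, 1), date(2024, 1, 1),
           date(2027, 6, 30), datetime(2023, 3, 20, 11, 58)),
    Device("terminal-b-cam", "cam-x1", "2.3.9", date(2022, 6, 1), date(2023, 4, 5),
           date(2026, 7, 1), datetime(2023, 3, 20, 11, 55)),
    Device("apron-door-3", "acs-door", "5.0.3", date(2023, 1, 10), date(2023, 3, 1),
           date(2022, 12, 31), datetime(2023, 3, 19, 8, 0)),
]

if __name__ == "__main__":
    for dev in FLEET:
        print(f"{dev.name}: {', '.join(audit(dev, NOW)) or 'ok'}")
```

Run on a schedule against the real inventory, the same checks turn each manual step into a finding that can be ticketed before a credential, certificate or device lapses.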
How much of a difference can automation actually make in protecting the transportation industry’s security devices? One eye-opening example comes from a major international airport that used SecuriThings to automate the operational management of its physical security devices. Once installed, SecuriThings immediately identified several high-severity security and operational issues to address. More importantly, SecuriThings’ automated approach has helped the airport to keep its connected devices both operational and secure on an ongoing basis.
To learn more about how an automated approach to the operational management of physical security devices can help you comply with the new TSA requirements, check out our airport case study.