TSA RAILROAD CYBER SECURITY
Keeping Your Cyber Security On Track
The Department of Homeland Security (DHS) Transportation Security Administration (TSA) has issued Security Directives (SDs) for freight and passenger rail and transit systems. The Directives tie directly to the National Cybersecurity Strategy. These SDs aim to improve the overall cybersecurity posture of the rail industry by establishing minimum standards and requirements for TSA-specified rail entities to protect their critical infrastructure from disruption and degradation.
SD 1580/82-2022-01
SD 1580/82-2022-01 impacts railroad carriers and other TSA-specified freight and passenger railroads.
The directive mandates that these transportation entities establish and implement a TSA-approved Cybersecurity Implementation Plan (CIP):
- Implement network segmentation policies and controls to ensure OT systems operate safely even if an IT system is compromised.
- Implement access control measures to secure and prevent unauthorized access to Critical Cyber Systems.
- Institute continuous monitoring and detection policies and procedures to detect threats and correct anomalies that affect Critical Cyber System operations.
- Reduce exploitation of unpatched systems by promptly applying security patches and updates for operating systems, applications, drivers, and firmware on Critical Cyber Systems in a timely manner using a risk-based methodology.
- Establish and submit a cybersecurity assessment program (CAP) that describes how the owner/operator will proactively assess the effectiveness of cybersecurity measures and resolve vulnerabilities.
SD 1580-21-01A and SD 1582-21-01A
TSA SD 1580-21-01A “Enhancing Rail Cybersecurity” outlines requirements for railroad freight carriers. TSA SD 1582-21-01A “Enhancing Public Transportation and Passenger Railroad Cybersecurity” sets forth requirements for public transportation/passenger rail transit systems (PTPR).
TWO SEPARATE SECURITY DIRECTIVES, SAME REQUIREMENTS
Both security directives require TSA-designated railroads to:
- Designate a Cybersecurity Coordinator.
- Report cybersecurity incidents to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
- Conduct a cybersecurity vulnerability assessment.
- Develop a Cybersecurity Implementation Plan (CIP).
- Develop a Cybersecurity Incident Response Plan (CIRP).
- Develop a Cybersecurity Assessment Plan (CAP).
FOXGUARD CYBERSECURITY SOLUTIONS TO MEET SD 1580/82-2022-01
Foxguard helps customers meet Security Directive requirements through cybersecurity assessments, specifying and integrating monitoring and detection tools, identifying critical cyber systems (CCS), and providing security patches and updates to these systems.
Want to know more about our products?
TS 50701
Foxguard provides cyber integration services to meet cybersecurity compliance requirements for Rail
The EU Commission mandated the European Committee for Electrotechnical Standardization (CENELEC), an international nonprofit organization, to integrate rail cybersecurity requirements into a Technical Specification (TS). TS 50701 provides cybersecurity guidance specific to railway systems. It relies heavily on the IEC 62443 Standard that addresses cybersecurity for operational technology in automation and control systems.
TSA RAILROAD
Foxguard Solutions for TSA Rail Security Directives
We offer programmatic assessment and program development to support rail security directives, including:
- SD 1580/82-2022-01
- SD 1580-21-01A
- SD 1582-21-01A
- TS 50701
ASSET INVENTORY MANAGEMENT
Establishing a Master Asset Inventory
The first step in your cybersecurity maturity framework is your asset inventory. We’ll help you identify all your IT and OT assets.
Identifying all assets unique to your environment is essential in building a layered defense strategy for your organization.
It is also a first step in establishing a cybersecurity baseline. You can’t protect what you don’t know about. This facilitates the ability to identify critical cyber systems.
FOXGUARD OFFERS CYBERSECURITY VULNERABILITY ASSESSMENT SERVICES
Foxguard offers a complete and comprehensive suite of products to address the cybersecurity needs of rail systems where IT and OT converge.
What We Do
With a thorough vulnerability assessment from Foxguard, you will meet the vulnerability assessment requirement of SD 1582-21-01A and SD 1580-21-01A, as appropriate.
What You Achieve
Besides meeting requirements for vulnerability assessments, our services help TSA-designated rail and public transit to:
- Make decisions about controls.
- Update policies and procedures.
- Improve threat detection.
- Develop mitigation strategies.
GOVERNANCE AND COMPLIANCE CONSULTING SERVICES
Foxguard’s cybersecurity governance consulting services help organizations establish a program of effective security measures to protect critical assets from cyber threats. These services assess the organization’s current security posture, identify critical gaps and vulnerabilities, and address them through remediation or documentation.
The services include the following components:
- Vulnerability and Patch Management
- Objective, third-party risk assessment.
- Third-party vulnerability scan.
- Penetration testing.
- Security awareness training.
- Ongoing monitoring and support.
By partnering with Foxguard on cybersecurity governance consulting services, oil and gas companies proactively manage their cybersecurity risks and ensure the safety and security of their operations, employees, and customers.
WE'RE AN EXTENSION OF YOUR TEAM
Choose How Foxguard Will Help Your Organization Toward a Robust Vulnerability Assessment Solution
We serve as an extension of your team’s capabilities to meet your security and compliance needs.
LEAN MORE ABOUT OUR PROFESSIONAL CONSULTING SERVICES
Protecting Your Rail System With a CIRP
Foxguard provides professional consulting services for planning and detection and analysis to support CIRP creation and implementation. Our services help build the elements of an actionable CIRP as mandated in SD 1582-21-01A and SD 1580-21-01A. We perform tabletop exercises, provide training, and perform vulnerability assessments to help build your plan. Foxguard will specify, source, and integrate tools you need for applications like backup and recovery, malicious software detection, log aggregation, SIEM/SOAR, and network intrusion for detection and analysis.
Want to know more about our products?
6 REASONS TO TRUST FOXGUARD
6 Reasons to Choose Foxguard for Your Rail Cybersecurity
Foxguard’s solutions not only protect against cyber threats but also help maintain the reliability and efficiency of transportation systems. By working with Foxguard, your transportation organization focuses on its core operations and enjoys peace of mind knowing your systems are secure.
UNLOCK BROAD INFRASTRUCTURE EXPERIENCE
Our experts have experience across other critical infrastructure sectors. Our broader understanding leads to innovations in implementing your secure architecture.
ACCESS STRONG OT & IT EXPERTISE
Operational technology experience is tough to find. Foxguard has extensive experience with both OT and IT cybersecurity. We’re qualified engineers with deep expertise, degrees, and more than 15 unique cybersecurity certifications.
COLLABORATE WITH COMPLIANCE EXPERTS
Our team has extensive knowledge of cybersecurity mandates. We collaborate with you to review your current program or help you create a new one that meets your security directives and addresses your concerns.
AVOID THE COOKIE-CUTTER APPROACH
Cookie cutters belong in the kitchen. Rather than imposing a premade solution onto your organization, Foxguard develops “built-for-security” solutions for real problems. We collaborate to:
- Address your organization’s unique challenges.
- Integrate with your current operations.
- Meet you where you are in your cybersecurity, computing, or digitization journey.
WORK WITH A SINGLE SOURCE
Wherever you are on your cybersecurity or compliance journey, we offer a wide range of built-for-security solutions.
- Asset Inventory Management
- Vulnerability Management and Patch Management
- Systems Integration
- Cybersecurity Consulting
- Control Systems Hardening
RETAIN WORLD-CLASS TALENT
Cybersecurity skills are in high demand. It’s challenging to keep the best professionals in-house. Our specialized cybersecurity consultants have lower turnover rates and support the uniform implementation of cybersecurity measures. Foxguard becomes an extension of your team, allowing your organization to focus on its core business.
OUR PATCH MANAGEMENT SOLUTIONS
Our Patch Management Funnel Removes the Noise
We can remove the noise of your patch management program by filtering your hundreds of thousands assets down to hundreds of unique items (UI) requiring patches. In the funnel example, we show 100,000 assets filtered to 400 UIs. Those 400 UIs will typically only require 30 to 50 patches every 35 days. You’ll deploy a percentage of those patches depending on your mitigation techniques.
We Manage the Burden, So You Don’t Have To
Our program manages your asset list so that you can remain compliant and remove the burden of:
- Calling each vendor.
- Manually documenting patch vs. no patch.
- Collecting evidence.
- Tracking each asset. (We publish your unique patch report.)
- Acquiring authentic patches and ensuring the integrity of each one.
- Testing and validating patches before deployment.
We facilitate efficient patch management so you can readily deploy secure, validated patches on your schedule.
OUR CLIENTS SAY IT THE BEST
NERC CIP Manager
Large IOU-NPCC/TRE- New Jersey | Texas
IT Manager
Large IOU-RF – Illinois
Supervisor EMS Maintenance
Mid-West Municipal- SPP – Kansas
EMS Programmer Analyst
Co-Operative - North Dakota
IT Manager
Aerospace and Defense Contractor