On December 4, 2018, the Transportation Security Administration (TSA) released its Cybersecurity Roadmap 2018 (Roadmap) that will guide the TSA’s efforts to prioritize and implement cybersecurity through 2026, the TSA’s 25th anniversary. This Roadmap closely aligns with the Department of Homeland Security’s (DHS) own Cybersecurity Strategy, published in May 2018, and comes at a time when the transportation and aviation industries must begin to deal seriously with non-traditional security threats to their network and information systems.
In broad terms, the TSA’s Roadmap establishes four priorities for its cybersecurity strategy: (1) risk identification; (2) vulnerability reduction; (3) consequence mitigation; and (4) enabling cybersecurity outcomes. Each of these has been aligned with a pillar of DHS’s cybersecurity strategy. The TSA also identified six goals for its cybersecurity program to be achieved over the next five years: (1) assess and prioritize evolving cybersecurity risks to TSA and the Transportation Systems Sector (TSS); (2) protect TSA information systems; (3) protect TSA critical infrastructure; (4) respond effectively to cyber incidents;…
