The original post: /r/cybersecurity by /u/Bruegemeister on 2024-11-07 18:35:38.

Consistent with these requirements and standards, this rule proposes:

To require that certain pipeline, freight railroad, passenger railroad, and rail transit owners/operators with higher cybersecurity risk profiles establish and maintain a comprehensive cyber risk management program; To require these owners/operators, and higher-risk bus-only public transportation and over-the-road bus owners/operators, currently required to report significant physical security concerns to TSA to report cybersecurity incidents to CISA; and To extend to higher-risk pipeline owner/operators TSA’s current requirements for rail and higher-risk bus operations to designate a physical security coordinator and report significant physical security concerns to TSA.