Enhancing Surface Cyber Risk Management

Document Headings Document headings vary by document type but may contain the following: the agency or agencies that issued and signed a document the number of the CFR title and the number of each part the document amends, proposes to amend, or is directly related to the agency docket number / agency internal file number the RIN which identifies each regulatory action listed in the Unified Agenda of Federal Regulatory and Deregulatory Actions See the Document Drafting Handbook for more details. Department of Homeland Security Transportation Security Administration 49 CFR Chapter XII [Docket No. TSA-2022-0001] RIN 1652-AA74 AGENCY: Transportation Security Administration, DHS. ACTION: Advance notice of proposed rulemaking. SUMMARY: The Transportation Security Administration (TSA) is seeking input regarding ways to strengthen cybersecurity and resiliency in the pipeline and rail (including freight, passenger, and transit rail) sectors. This advance notice of proposed rulemaking (ANPRM) offers an opportunity for interested individuals and organizations, particularly owner/operators of higher-risk pipeline and rail operations, to help TSA develop a comprehensive and forward-looking approach to cybersecurity requirements. TSA is also interested in input from the industry associations representing these owners/operators, third-party cybersecurity subject matter experts, and insurers and underwriters for cybersecurity risks for these transportation sectors. Although TSA will review and consider all comments submitted, we are specifically interested in responses to the questions posed in this ANPRM. Input received in response to this ANPRM will assist TSA in better understanding how the pipeline and rail sectors implement cyber risk management (CRM) in their operations and will support us in achieving objectives related to the enhancement of pipeline and rail cybersecurity. DATES: Submit comments by January 17, 2023. ADDRESSES: You may submit comments, identified by the TSA …