TSA Unveils Cybersecurity Roadmap

The Transportation Security Administration this week released a cybersecurity roadmap that will help prioritize cybersecurity measures within the agency and potentially across airports and other systems in the transportation sector.

The roadmap—the agency’s first—aligns with the Homeland Security Department’s cybersecurity strategy, and puts the agency on a path to ensure critical cyber and physical dangers to the transportation infrastructure are addressed.

“TSA is responsible for securing the nation’s transportation systems from all threats – both physical and cyber,” TSA Administrator David Pekoske said in a statement. “Because the consequences of both physical and cyberattacks can be equally damaging, we must be prepared to respond to cyber threats with the same level of success as we do when faced with physical threats.”

The roadmap identifies four priorities—risk identification, vulnerability reduction, consequence mitigation, enable cybersecurity outcomes—and six goals to undertake over the next five years to help the agency meet them. Goals include assessing and prioritizing evolving cyber risks to TSA and transportation security systems, protecting agency information systems and transportation critical infrastructure and improving the management of TSA and its cybersecurity activities.

“By focusing on these near- to mid-term goals, TSA will work to ensure the availability of transportation system functions and to foster efficiency, innovation, trustworthy communication, and economic prosperity in ways consistent with our national values and that protect privacy and civil liberties,” the roadmap states.

One of TSA’s desired outcomes is to improve “staffing, recruitment, education, training and retention” of technical and cyber talent. The roadmap signals the agency’s intent to use special hiring authorities to “recruit highly qualified candidates to TSA” to augment existing federal workforce.