NP[9110-05-P]
DEPARTMENT OF HOMELAND SECURITY
Transportation Security Administration
[Docket No. TSA-2022-0001]
RIN 1652-AA74
49 CFR Parts 1500, 1503, 1520, 1570, 1580, 1582, 1584, and 1586
Enhancing Surface Cyber Risk Management
AGENCY: Transportation Security Administration, DHS.
ACTION: Notice of proposed rulemaking (NPRM).
SUMMARY: The Transportation Security Administration (TSA) is proposing to impose
cyber risk management (CRM) requirements on certain pipeline and rail owner/operators
and a more limited requirement, on certain over-the-road bus (OTRB) owner/operators,
to report cybersecurity incidents. With the proposed addition of requirements applicable
to pipeline facilities and systems, TSA is also proposing that a requirement to have a
Physical Security Coordinator and report significant physical security concerns be
extended to the same facilities and systems. Finally, TSA is proposing clarifications and
reorganization of other regulatory requirements necessitated by these changes.
DATES: Submit comments by [INSERT DATE 90 DAYS AFTER DATE OF
PUBLICATION IN THE FEDERAL REGISTER].
ADDRESSES:
Comments on this NPRM: You may submit comments on this NPRM, identified by the
TSA docket number to this rulemaking, to the Federal Docket Management System
(FDMS), a government-wide, electronic docket management system. To avoid
duplication, please use only one of the following methods:
• Electronic Federal eRulemaking Portal: https://www.regulations.gov. Follow
the online instructions for submitting comments.
This document is scheduled to be published in the
Federal Register on 11/07/2024 and available online at
https://federalregister.gov/d/2024-24704, and on https://govinfo.gov
