Login

Register

Login

Register


The United States Transport Security Administration (TSA) has publicly announced that it’s on a “quest to merge cybersecurity and information technology.”

Instead of cybersecurity’s being an add-on or afterthought, the TSA wants the industry to adopt a culture of “cybersecurity by design” when dreaming up and manufacturing security equipment. 

The transport-focused sub-tier of the Department of Homeland Security has not taken on this mission alone, but rather says that it’s acting with the support of America’s airport facilities. 

The joint call for a new mindset from the security industry was announced in a special notice on January 7.

“The purpose of this special notice is to inform [the] industry of TSA’s and airport facilities’ quest to merge
cybersecurity and information technology,” wrote the TSA.

“This and future notifications will provide [the] industry with ongoing meeting overviews and actions that specifically address information security and security screening technologies.”

Along with its desires for an integrated approach, the TSA listed 17 key requirements for the information security and security screening technologies industry, with the aim of ensuring all parties are working toward a common goal.

Demonstrable “cybersecurity by design” for security equipment topped a list that also called for password control that allows airport operators to change system-level passwords and the vetting of all maintenance personnel, both local and remote, via background checks. 

Systems must be updatable as vulnerabilities are discovered, and security assessment tools should run on devices to scan for them. In addition, systems must ensure the unique identification of people, activity, or equipment access and be able to audit, analyze, and monitor events.

To protect supply-chain integrity, a complete list of all software and hardware making up screening equipment will be required from vendors.

Vendors are also expected to protect screening algorithms from compromise with systems that issue alerts when accessed. Steps must also be taken to prevent unauthorized physical access—via USB ports, for example.

“Sharing these requirements with [the] industry and the public will: Increase security levels; raise the bar of cybersecurity across screening solutions; provide vendors an opportunity to demonstrate their cybersecurity credentials; and provide an aligned approach across the industry—making it easier for vendors to adapt to end user requirements,” wrote the TSA.

____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW