Noisy
← this week  ·  Subscribe →

The world is being quietly rearranged by people who write very long documents.

Federal Register · November 7, 2024
The title they went with Enhancing Surface Cyber Risk Management Noisy translates that to

Pipeline and rail operators must now report cyberattacks to the government

What happened
The US Transportation Security Administration (TSA) wants to require pipeline and rail companies to report cyberattacks. It also wants to extend physical security reporting rules to these same companies.
Why it matters
For years, many critical infrastructure operators could keep cyber incidents quiet, managing them internally without public or regulatory scrutiny. This proposed rule means the government will get a clearer picture of the actual threat landscape for these vital systems. It also means companies will face new compliance costs and potential liability for failing to report.
The signal
Watch for the final rule and how quickly the TSA builds out its enforcement capacity to handle the new reporting requirements.
If you insist
Read the original →