On Tuesday, the House Committee on Homeland Security convened for a hearing on securing U.S. surface transportation from cyberattacks. Representatives from the Transportation Security Administration (TSA) and Cybersecurity and Infrastructure Security Agency (CISA)–a branch of the Department of Homeland Security (DHS)–testified that the agencies would like to continue working on cybersecurity together and retain the authority to adjust policy regarding cyberthreats when recognized.
While working with CISA, TSA would also like to maintain the autonomy from Congress to adjust to pipeline threats rather than wait for legislation to pass, according to Sonya Proctor, the director for the Surface Division in the TSA’s Office of Security Policy and Industry Engagement.
“The nature of cyberthreats is that they are constantly emerging,” Proctor said. “They are emerging much faster than the government’s ability to write regulations to address them.”
When asked whether the agencies should receive more input from other Federal agencies on cybersecurity issues, such as the Department of Energy or Department of Transportation, Bob Kolasky, director of national risk management at CISA, thought that spreading the responsibilities too thin would be a difficult challenge.
“I don’t think you want to take cybersecurity responsibilities out of DHS and put them further afield because that would just challenge (our agency),” Kolasky said.
According to Kolasky, CISA wants to work to get other Federal agencies to understand supply chain in a deeper capacity. Adversarial threats in technology equipment built by foreign nations remains a concern as Chinese railcar companies continue to win bids to build train cars in the United States.
Also testifying was Erik Olson, VP of the Rail Security Alliance, and he believes that the United States should stop buying railcar equipment from China altogether. While cyberattacks on the trains are in the realm of reality, Olson is most concerned with privacy of American citizens on the trains and the Chinese being able to track commodities shipments, including military equipment.