Security Policy Alert: CISA Issues "Shields-Up" Message to Critical Infrastructure Operators
February 14, 2022
TSA has asked AAAE to help to distribute the following message to airport security and cybersecurity coordinators:
"The Transportation Security Administration is providing the following information as part of the on-going effort to ensure that transportation operators are prepared for potential cyber threats. Due to current geopolitical tensions, the Cybersecurity and Infrastructure Security Agency (CISA) has issued a 'Shields-Up!' message and launched the https://www.cisa.gov/shields-up website for information on threats, mitigations, and response information.
Cybersecurity coordinators are strongly encouraged to review the information on the Shields-Up website as the recent Joint Cybersecurity Advisories published on this topic. These alerts can be accessed at https://www.cisa.gov/uscert/ncas/alerts
The following is excerpted from the Shields-Up website:
'Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.
Notably, the Russians have used cyber as a key component of their force projection over the last decade, including previously in Ukraine in the 2015 timeframe. The Russians understand that disabling or destroying critical infrastructure'”including power and communications'”can augment pressure on a country's government, military and population and accelerate their acceding to Russian objectives.
While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for Russia to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.
Based on this situation, CISA has been working closely with our critical infrastructure partners over the past several months to ensure awareness of potential threats'”part of a paradigm shift from being reactive to being proactive.
CISA recommends all organizations'”regardless of size'”adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.'
TSA will continue to provide you with additional information as it becomes available and we encourage you to monitor the CISA website for additional information."
As a reminder, comments are due today on the proposed ASP amendment TSA-PNA-22-01, Cybersecurity Vulnerability Assessments and Contingency Planning. In addition, TSA has circulated a brief questionnaire about airport cybersecurity coordinators and the potential need for security clearances. The survey is voluntary and TSA has requested responses by Friday, February 18.
As always, please do not hesitate to contact AAAE if you have any questions or need any additional information.
TSA has asked AAAE to help to distribute the following message to airport security and cybersecurity coordinators:
"The Transportation Security Administration is providing the following information as part of the on-going effort to ensure that transportation operators are prepared for potential cyber threats. Due to current geopolitical tensions, the Cybersecurity and Infrastructure Security Agency (CISA) has issued a 'Shields-Up!' message and launched the https://www.cisa.gov/shields-up website for information on threats, mitigations, and response information.
Cybersecurity coordinators are strongly encouraged to review the information on the Shields-Up website as the recent Joint Cybersecurity Advisories published on this topic. These alerts can be accessed at https://www.cisa.gov/uscert/ncas/alerts
The following is excerpted from the Shields-Up website:
'Every organization in the United States is at risk from cyber threats that can disrupt essential services and potentially result in impacts to public safety. Over the past year, cyber incidents have impacted many companies, non-profits, and other organizations, large and small, across multiple sectors of the economy.
Notably, the Russians have used cyber as a key component of their force projection over the last decade, including previously in Ukraine in the 2015 timeframe. The Russians understand that disabling or destroying critical infrastructure'”including power and communications'”can augment pressure on a country's government, military and population and accelerate their acceding to Russian objectives.
While there are not currently any specific credible threats to the U.S. homeland, we are mindful of the potential for Russia to consider escalating its destabilizing actions in ways that may impact others outside of Ukraine.
Based on this situation, CISA has been working closely with our critical infrastructure partners over the past several months to ensure awareness of potential threats'”part of a paradigm shift from being reactive to being proactive.
CISA recommends all organizations'”regardless of size'”adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.'
TSA will continue to provide you with additional information as it becomes available and we encourage you to monitor the CISA website for additional information."
As a reminder, comments are due today on the proposed ASP amendment TSA-PNA-22-01, Cybersecurity Vulnerability Assessments and Contingency Planning. In addition, TSA has circulated a brief questionnaire about airport cybersecurity coordinators and the potential need for security clearances. The survey is voluntary and TSA has requested responses by Friday, February 18.
As always, please do not hesitate to contact AAAE if you have any questions or need any additional information.
