Security Policy Alert: TSA Issues New Advisory Cybersecurity Information Circulars due to Escalating Risks
February 25, 2022
TSA posted to HSIN two new advisory cybersecurity Information Circulars (ICs) and a joint cybersecurity advisory on mitigating Russian state-sponsored cyber threats due to the escalating risks. These ICs follow one issued on January 16, 2022, 17-03C: Cybersecurity at Airports , which provided recommendations for improving cybersecurity practices and defenses for both airport and aircraft operators.
TSA issued today's additional ICs because cybersecurity threats to critical infrastructure within the aviation transportation sector are persistent, and they continue to require a proactive and resilient security posture to reduce the risks of a successful cyber-attack.
The security measures recommended in the ICs are not intended to supersede or replace previously issued security requirements or recommendations on this topic, but rather to help further strengthen the preparedness and mitigation capabilities in response to new threat information. The recommendations are guidance and do not impose requirements on any person or company, however, TSA strongly recommends the adoption of the measures detailed in the ICs.
TSA asked AAAE to share this information widely. Since the information is not security-sensitive, here are the links to the three documents:
'¢ Information Circular 22-01 on Enhancing Cybersecurity in Aviation
'¢ Information Circular 22-02 on Enhancing Cybersecurity in Cargo
'¢ Joint Cybersecurity Advisory on Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
TSA posted to HSIN two new advisory cybersecurity Information Circulars (ICs) and a joint cybersecurity advisory on mitigating Russian state-sponsored cyber threats due to the escalating risks. These ICs follow one issued on January 16, 2022, 17-03C: Cybersecurity at Airports , which provided recommendations for improving cybersecurity practices and defenses for both airport and aircraft operators.
TSA issued today's additional ICs because cybersecurity threats to critical infrastructure within the aviation transportation sector are persistent, and they continue to require a proactive and resilient security posture to reduce the risks of a successful cyber-attack.
The security measures recommended in the ICs are not intended to supersede or replace previously issued security requirements or recommendations on this topic, but rather to help further strengthen the preparedness and mitigation capabilities in response to new threat information. The recommendations are guidance and do not impose requirements on any person or company, however, TSA strongly recommends the adoption of the measures detailed in the ICs.
TSA asked AAAE to share this information widely. Since the information is not security-sensitive, here are the links to the three documents:
'¢ Information Circular 22-01 on Enhancing Cybersecurity in Aviation
'¢ Information Circular 22-02 on Enhancing Cybersecurity in Cargo
'¢ Joint Cybersecurity Advisory on Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
