National Academies Press: OpenBook

Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 1: Project Summary Report (2023)

Chapter: 2. INTRODUCTION

Get This Book
Unfortunately, this book can't be printed from the OpenBook. If you need to print pages from this book, we recommend downloading it as a PDF.

Visit NAP.edu/10766 to get more information about this book, to buy it in print, or to download it as a free PDF.
« Previous: 1. SUMMARY
Page 3
Suggested Citation:"2. INTRODUCTION." National Academies of Sciences, Engineering, and Medicine. 2023. Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 1: Project Summary Report. Washington, DC: The National Academies Press. doi: 10.17226/27024.
×
Save
Cancel
Page 3
Page 4
Suggested Citation:"2. INTRODUCTION." National Academies of Sciences, Engineering, and Medicine. 2023. Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 1: Project Summary Report. Washington, DC: The National Academies Press. doi: 10.17226/27024.
×
Save
Cancel
Page 4

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

3 2. INTRODUCTION Th e c o m p l e t i o n o f t h i s Pr o j e c t Su m m a r y Re p o r t f u l f i l l s Ta s k 6 a s o u t l i n e d i n t h e Am p l i f i e d W o r k Pl a n . Th i s s e c t i o n i n t r o d u c e s t h e p r o j e c t , i t s b a c k g r o u n d a n d g o a l s , a n d t h e Ta s k 6 o b j e c t i v e s . Project Background Th e N CHRP 2 3 - 0 3 r e s e a r c h p r o j e c t ( t h e “ p r o j e c t ” ) w a s i n i t i a t e d t o ( 1 ) i d e n t i f y w h a t e x e c u t i v e s a n d s e n i o r m a n a g e r s a t s t a t e t r a n s p o r t a t i o n a g e n c i e s n e e d t o k n o w a b o u t m a n a g i n g t h e c o n f l u e n c e o f t r a n s p o r t a t i o n OT a n d IT c y b e r s e c u r i t y r i s k s , ( 2 ) c l a s s i f y t r a n s p o r t a t i o n f u n c t i o n s , s e r v i c e s , a n d a s s e t s t h a t m a y b e t a r g e t s o f c y b e r a t t a c k s a n d c y b e r i n c i d e n t s , a n d ( 3 ) d e v e l o p a n e a s y - t o - u s e g u i d e f o r s t a t e t r a n s p o r t a t i o n a g e n c y e x e c u t i v e s a n d s e n i o r m a n a g e r s t h a t w i l l h e l p a s s e s s , c l a s s i f y , a n d r e s p o n d t o t r a n s p o r t a t i o n s y s t e m s c y b e r s e c u r i t y r i s k s . St a t e t r a n s p o r t a t i o n a g e n c i e s , l i k e o t h e r c o m p l e x p u b l i c a n d p r i v a t e o r g a n i z a t i o n s , i n c r e a s i n g l y r e l y o n IT s y s t e m s a n d OT a s s e t s t o f u l f i l l t h e i r p u b l i c m i s s i o n . In a d d i t i o n t o t h e u s e o f IT f o r a d m i n i s t r a t i v e f u n c t i o n s , t h e r e a l - t i m e u s e o f t e c h n o l o g y t o o p e r a t e a n d m a n a g e t r a n s p o r t a t i o n f a c i l i t i e s a n d s e r v i c e s p r e s e n t s p a r t i c u l a r l y a c u t e c h a l l e n g e s . Re c e n t c y b e r i n c i d e n t s w i t h i n p u b l i c a g e n c i e s h a v e h i g h l i g h t e d t h e c h a l l e n g e s t r a n s p o r t a t i o n a g e n c i e s f a c e d u e t o c y b e r s e c u r i t y t h r e a t s . In p r i o r r e s e a r c h , s i g n i f i c a n t e m p h a s i s h a s b e e n g i v e n t o t h e p r o t e c t i o n o f IT s y s t e m s a g a i n s t s u c h r i s k s . Th i s p r o j e c t i s d e v o t e d t o a d d r e s s i n g t h e r i s k s t o OT a n d e q u i p m e n t a n d p r o t e c t i n g t r a n s p o r t a t i o n b u s i n e s s o p e r a t i o n s . Th e r e c o m m e n d a t i o n s d e v e l o p e d t h r o u g h t h i s p r o j e c t w i l l p r o v i d e s t a t e a g e n c y l e a d e r s h i p w i t h i n f o r m a t i o n a n d d i r e c t i o n o n c y b e r - i n c i d e n t m a n a g e m e n t t o p r e v e n t a n d r e s p o n d t o c y b e r s e c u r i t y i n c i d e n t s w h e n t h e y o c c u r a n d h o w t o r e c o v e r , a n d w i t h a p a r t i c u l a r f o c u s o n OT a n d s t a t e t r a n s p o r t a t i o n a g e n c i e s ’ u n i q u e c y b e r s e c u r i t y c h a l l e n g e s . Project Goals Th e o b j e c t i v e o f t h e p r o j e c t i s t o : • Id e n t i f y w h a t e x e c u t i v e s a n d s e n i o r m a n a g e r s a t s t a t e t r a n s p o r t a t i o n a g e n c i e s n e e d t o k n o w a b o u t m a n a g i n g t h e c o n f l u e n c e o f t r a n s p o r t a t i o n OT a n d IT c y b e r s e c u r i t y r i s k s • Cl a s s i f y t r a n s p o r t a t i o n f u n c t i o n s , s e r v i c e s , a n d a s s e t s t h a t m a y b e t a r g e t s o f c y b e r a t t a c k s a n d c y b e r i n c i d e n t s • D e v e l o p a n e a s y - t o - u s e g u i d e f o r s t a t e t r a n s p o r t a t i o n a g e n c y e x e c u t i v e s a n d s e n i o r m a n a g e r s t h a t w i l l h e l p a s s e s s , c l a s s i f y , a n d r e s p o n d t o t r a n s p o r t a t i o n s y s t e m s c y b e r s e c u r i t y r i s k s Project Scope Th e t w o ( 2 ) y e a r p r o g r a m c o n s i s t e d o f t h e f o l l o w i n g s e v e n ( 7 ) t a s k s : 1 . Id e n t i f y a n d Su m m a r i z e St a t e Tr a n s p o r t a t i o n Ag e n c i e s ’ Cy b e r s e c u r i t y In i t i a t i v e s 2 . Co n d u c t a Re v i e w o f Re l e v a n t Cy b e r s e c u r i t y L i t e r a t u r e 3 . Id e n t i f y Tr a n s p o r t a t i o n Te c h n o l o g y a n d Cy b e r s e c u r i t y SMEs 4 . Pr e p a r e In t e r i m Re p o r t 5 . D e v e l o p a Tr a n s p o r t a t i o n Cy b e r Ri s k Gu i d e 6 . D e v e l o p D r a f t Pr o j e c t Su m m a r y Re p o r t 7 . F i n a l i z e Pr o j e c t Su m m a r y Re p o r t Ad d i t i o n a l s u m m a r i e s c o n c e r n i n g e a c h o f t h e t a s k s c a n b e f o u n d i n Se c t i o n 3 . Th e f u l l r e p o r t s o f s p e c i f i c t a s k s c a n b e f o u n d i n Ap p e n d i c e s A- C o f t h i s d o c u m e n t a n d NCHRP Web-Only Document 355: Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 2: Transportation Cyber Risk Guide.

4 Project Schedule A h i g h - l e v e l d e l i v e r a b l e s c h e d u l e c a n b e s e e n i n Ta b l e 1 . Table 1. Project Deliverable Schedule Deliverables Estimated Completion Date Delivered Project Management Am p l i f i e d W o r k Pl a n ( AW P) 6 / 1 6 / 2 0 2 0 6 / 1 6 / 2 0 2 0 Project Technical Tasks Task 1: Identify and Summarize State Transportation Agencies’ Cybersecurity Initiatives Te c h n i c a l Me m o r a n d u m 1 ( TM1 ) D r a f t 1 0 / 2 / 2 0 2 0 F i n a l 1 1 / 6 / 2 0 2 0 1 0 / 2 / 2 0 2 0 1 1 / 6 / 2 0 2 0 Task 2: Conduct a Review of Relevant Cybersecurity Literature Te c h n i c a l Me m o r a n d u m 2 ( TM2 ) D r a f t 1 2 / 4 / 2 0 2 0 F i n a l 1 / 1 5 / 2 0 2 1 1 2 / 4 / 2 0 2 0 1 / 1 5 / 2 0 2 1 Task 3: Identify Transportation Technology and Cybersecurity SMEs Te c h n i c a l Me m o r a n d u m 3 ( TM3 ) D r a f t 3 / 2 6 / 2 0 2 1 F i n a l 4 / 3 0 / 2 0 2 1 3 / 2 6 / 2 0 2 1 4 / 3 0 / 2 0 2 1 Task 4: Prepare Interim Report In t e r i m Re p o r t 1 ( IR1 ) D r a f t 5 / 2 1 / 2 0 2 1 F i n a l 6 / 2 5 / 2 0 2 1 5 / 2 1 / 2 0 2 1 6 / 2 5 / 2 0 2 1 Task 5: Develop a Transportation Cyber Risk Guide Te c h n i c a l Me m o r a n d u m 4 ( TM4 ) D r a f t 1 1 / 5 / 2 0 2 1 F i n a l 2 / 1 8 / 2 0 2 2 1 1 / 5 / 2 0 2 1 2 / 1 8 / 2 0 2 2 Task 6 & 7 : Develop Project Summary Report F i n a l Su m m a r y Re p o r t ( w i t h " Pr i o r i t i z e d Re c o m m e n d a t i o n s f o r F u t u r e Re s e a r c h " ) D r a f t 2 / 1 8 / 2 0 2 2 F i n a l 2 / 1 8 / 2 0 2 2 -

Next: 3. SUMMARY OF TASKS »
Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 1: Project Summary Report Get This Book
×
Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 1: Project Summary Report
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

Chief executive leadership of transportation agencies have placed substantial emphasis on the protection of IT systems against cyber threats. Less focus has been devoted to the risks to operational technology (OT) and equipment or in protecting transportation business operations.

The TRB National Cooperative Highway Research Program's NCHRP Web-Only Document 355: Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs seeks to mitigate that imbalance, especially as physical OT assets become increasingly connected through electronic networks and managed remotely by software. Volume 1, Project Summary Report provides details of the research project that developed the Transportation Cyber Risk Guide, which is found in NCHRP Web-Only Document 355: Cybersecurity Issues and Protection Strategies for State Transportation Agency CEOs, Volume 2.

Supplemental to the document is a presentation of an overview of the research.

READ FREE ONLINE

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  6. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  7. ×

    View our suggested citation for this chapter.

    « Back Next »
  8. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!