The Transportation Security Administration last week issued a draft statement of work as part of a potential competitive effort to manage a public-private entity to share information about threats to the nation’s public transportation system, particularly as cyber incidents continue to increase.
The draft work statement was issued by the agency’s Surface Policy Division as part of a Request for Information seeking industry feedback related to the Public Transportation Information Sharing and Analysis Center (PT-ISAC). The work statement describes the requirements and work scope for a contractor to manage the project.
ISACs were created through a presidential directive in 1998 for government and industry to form public-private partnerships to mitigate vulnerabilities to specific U.S. critical infrastructures. The PT-ISAC is currently operated by Infrastructure Technologies Corporation, a small veteran-owned business, and sponsored by the American Public Transportation Association.
The ISACs enable the creation of information sharing networks between various members including private stakeholders, government and other partners. As cyber threats have increased in the past nearly two decades, the ISACs have become a key hub for critical infrastructure to pass information on threats and remedies to thwart attackers and hackers.
“It is also important to note that Cybersecurity incidents affecting surface transportation are a growing threat,” the draft statement of work says. “Malicious cyber actors continue to target U.S. critical infrastructure, to include freight, passenger, and rail transit systems, with multiple cyberattack and cyber espionage campaigns. Recent ransomware attacks against the transportation sector underscore this threat.”
The PT-ISAC will serve the public transportation and over-the-road-bus communities.