Surface Transportation Cybersecurity Toolkit

The Surface Transportation Cybersecurity Resource toolkit is a collection of documents designed to provide cyber risk management information to surface transportation operators who have fewer than 1,000 employees. The materials are drawn from three primary sources:

  • National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity: A voluntary framework for reducing cyber risks in critical infrastructure. Read about the framework.
  • Stop.Think.Connect: A national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Learn more about this campaign or email your inquiry.

Cybersecurity threats are real, and they can have real consequences for an organization’s operations and profitability. Exercising cybersecurity best practices help protect from potential damaging cyber-attacks.

Contact CISA to report a cyber-incident, email the details or call (888) 282-0870.  If you are a Federal or Critical Infrastructure partner that has completed one of their Incident reporting forms, we encourage you to continue to use this method.  If not, please email report@cisa.gov and be as detailed as possible with the guidelines identified in the reporting fact sheet.

Security Directives and Information Circulars

Cybersecurity Resources

The following list of cybersecurity resources are available to the public at no cost.

This recommended practice establishes considerations for public transit chief information officers interested in developing cybersecurity strategies for their organizations. It details practices and standards that address vulnerability assessment and mitigation, system resiliency and redundancy, and disaster recovery. Read the cybersecurity considerations.

  • Part I: Elements, Organization and Risk Assessment/Management: Addresses the importance of control and communications security to a transit agency, provides a survey of the various systems that constitute typical transit control and communication systems, identifies the steps that an agency would follow to set up a successful program, and establishes the stages in conducting a risk assessment and managing risk. Read part I of the recommended practice document.
  • Part II: Defining a Security Zone Architecture for Rail Transit and Protecting Critical Zones: Presents Defense-In-Depth as a recommended approach for securing rail communications and control systems, defines security zone classifications, and defines a minimum set of security controls for the most critical zones. Read part II of the recommended practice document.
  • Part III: Attack Modeling Security Analysis White Paper: Covers the attack modeling procedure for transit agencies and their systems integrators and vendors. Read the part three of the recommended practice document.

The Critical Infrastructure Cyber Community Voluntary Program, or C³ (pronounced "C Cubed") Voluntary Program, is an innovative public-private partnership, to help connect companies, as well as Federal, State, local, tribal, and territorial partners, to DHS and other Federal government programs and resources that will assist their efforts in managing their cyber risks. View Resources

Describes several CISA scanning and testing services to help organizations reduce their exposure to threats by taking a proactive approach to mitigating attack vectors. View the services.

The Cyber Security Evaluation program conducts a no-cost, voluntary, non-technical assessment to evaluate operational resilience and cybersecurity capabilities within critical infrastructure and key resources sectors, as well as state, local, tribal, and territorial governments through its Cyber Resilience Review process. Visit the program page to download assessment materials or e-mail your inquiry.

Provides key cyber risk management concepts that business leaders should consider to protect their organization’s systems from cyber threats. Download the primer.

Describes the complex threat environment created by increasingly interconnected cyber-physical systems, and the impacts that this interconnectivity has on an organization’s cybersecurity and physical security functions. Read the guide.

Provides recommended cybersecurity best practices for Industrial Control Systems. Download the best practices.

Intends to provide direction and guidance to those organizations – in any sector or community – seeking to improve cybersecurity risk management via utilization of the NIST Cybersecurity Framework. View the framework.

Provides a tool to help facilitate the communication of strong, basic cybersecurity principles to organizational leadership. Read the factsheet.

Provides information and resources from CISA to will help individuals, organizations, and communities create or improve an existing insider threat mitigation program. View the information and resources.

A list of DHS recommended support materials for the law enforcement community. Read the list of resources for law enforcement cybersecurity.

Provides access to products in the National Cyber Awareness System that offer a variety of information for users with varied technical expertise. View the products.

Provides security measures for cyber assets and a list of cybersecurity planning and implementation guidance resources. Read the guidelines.

The center collects, analyzes, and disseminates alerts and incident reports, as well as sector-specific intelligence products, and helps the government understand sector impacts. To request access to this free service, please email your inquiry.

Provides resources a customer centered, one-stop resource with best practices and ways to prevent, protect and/or respond to a ransomware attack. View the guide.

Provides information and strategies to assist with ensuring that supply chain risk management (SCRM) is an integrated component of security and resilience planning for the Nation’s infrastructure. View the information and strategies.

Provides up-to-date information and recommendations to help organizations prepare for, respond to, and mitigate the impact of cyberattacks. View the information and recommendations.

Provides guidance, resource direction, and a directory of options to assist a Transportation Systems Sector organization in adopting the NIST framework. Learn more or download the Implementation Guidance.