Guidelines for State Transportation Agency Chief Executive Officers on Cybersecurity Issues and Protection Strategies

State transportation agencies, like other complex public and private organizations, increasingly rely on information technology (IT) systems and operational technology (OT) assets to fulfill their public mission. In addition to the use of IT for administrative functions, the real-time use of technology to operate and manage transportation facilities and services presents particularly acute challenges. Recent cyber incidents within public agencies highlighted the challenges transportation agencies face with such threats. Significant emphasis has been given to the protection of IT systems against such threats but less is devoted to the risks to OT and equipment and protecting transportation business operations. State transportation agency leadership need more information to explain how the agencies can prevent such incidents, what to do when they occur, and how to recover. This research focuses on state transportation agencies’ unique cybersecurity challenges, in particular OT, and provides direction on cyber-incident management. This research aimed to (1) identify what executives and senior managers at state transportation agencies need to know about managing the confluence of transportation OT and IT cybersecurity risks, (2) classify transportation functions, services, and assets that may be targets of cyberattacks and cyber incidents, and (3) develop an easy-to-use guide for state transportation agency executives and senior managers that will help assess, classify, and respond to transportation systems cybersecurity risks. 

• Record URL:
  http://apps.trb.org/cmsfeed/TRBNetProjectDisplay.asp?ProjectID=4784

Language

• English

Project

• Status: Completed
• Funding: $350000
• Contract Numbers:

  Project 23-03

• Sponsor Organizations:

  National Cooperative Highway Research Program

  Transportation Research Board
  500 Fifth Street, NW
  Washington, DC  United States  20001

  Federal Highway Administration

  1200 New Jersey Avenue, SE
  Washington, DC  United States  20590

  American Association of State Highway and Transportation Officials (AASHTO)

  444 North Capitol Street, NW
  Washington, DC  United States  20001
• Project Managers:

  Crichton-Sumners, C

• Performing Organizations:

  Southwest Research Institute

  6220 Culebra Road, P.O. Drawer 28510
  San Antonio, TX  United States  78228-0510
• Principal Investigators:

  Ramon, Marisa

• Start Date: 20200601
• Expected Completion Date: 20220712
• Actual Completion Date: 20220712

Subject/Index Terms

• TRT Terms: Best practices; Computer security; Guidelines; Leadership; Management; Multimedia; Outreach; Risk assessment; State departments of transportation; State of the practice; Strategic planning; Training
• Identifier Terms: Colorado Department of Transportation
• Subject Areas: Administration and Management; Data and Information Technology; Education and Training; Highways; Planning and Forecasting; Security and Emergencies;

Filing Info

• Accession Number: 01707534
• Record Type: Research project
• Source Agency: Transportation Research Board
• Contract Numbers: Project 23-03
• Files: TRB, RIP
• Created Date: Jun 5 2019 12:36PM