Synthesis of Information Related to Transit Practices. Topic SA-50. Cyber Security in Transit Systems

The report is intended for transit executives and senior management. The consultant shall draft survey questions and correlate output conducive to management decision making. The synthesis will gather information regarding the maturity of current cyber security programs in the following functions:

(1) Protect, Shield, Defend, and Prevent -- Measure the organization’s staff, policies, processes, practices, and technologies that protect, shield, and defend the enterprise from cyber threats, and prevent the occurrence and recurrence of cybersecurity incidents commensurate with the organization’s risk tolerance.

(2) Monitor, Detect, and Hunt -- Measure the organization’s staff, policies, processes, practices, and technologies which monitor ongoing operations and actively hunt for and detect adversaries, and report instances of suspicious and unauthorized events as expeditiously as possible.

(3) Respond, Recover, and Sustain -- When a cybersecurity incident occurs, measure the organization’s staff, policies, processes, practices, and technologies that are deployed to return assets to normal operations as soon as possible. Assets include technologies, information, people, facilities, and supply chains.

(4) Govern, Manage, Comply, Educate, and Manage Risk -- Measure the organization’s leadership, staff, policies, processes, practices, and technologies which provide ongoing oversight, management, performance measurement, and course correction of all cybersecurity activities. This function includes ensuring compliance with all external and internal requirements and mitigating risk commensurate with the organization’s risk tolerance.

Contractor shall explore and evaluate the extent of a holistic implementation of cyber security practice across both the IT and OT environments. Identify whether it is a single security program or multiple security programs within the organization. Contractor must use/create a system that anonymizes this data and categorizes it into four tiers.
Further, contractor shall identify:

(1) Organization staff levels (FTE/contractor) dedicated to the cyber security function;

(2) Associated budget dedicated to the cyber security function in three focus areas: personnel costs, training and awareness, and non-personnel costs;

(3) Outsourced functions (e.g. managed SOC - not a component of staff levels but captured in the budget) dedicated to the cyber security function;

(4) Organization demographics and ridership which enable meaningful comparison of cyber security programs; and

(5) Cyber security program categories for use in a prioritization matrix for transit agencies.

Information will be gathered by literature review and a survey of qualifying transit organizations. The synthesis will emphasize four case examples that are representative of transit system cyber security programs for each of the tiers. These should highlight innovative approaches, successes, challenges, and lessons learned. Gaps in information and future research needs will also be identified.

Language

  • English

Project

  • Status: Active
  • Funding: $45000
  • Contract Numbers:

    Project J-07, Topic SA-50

  • Sponsor Organizations:

    Transit Cooperative Research Program

    Transportation Research Board
    500 Fifth Street, NW
    Washington, DC    20001

    Federal Transit Administration

    1200 New Jersey Avenue, SE
    Washington, DC  United States  20590
  • Project Managers:

    Garcia-Colberg, Mariela

  • Performing Organizations:

    Geographic Paradigm Computing, Inc.

    Laguna, NM  United States  87026
  • Principal Investigators:

    Fletcher, David

  • Start Date: 20190504
  • Expected Completion Date: 0
  • Actual Completion Date: 0

Subject/Index Terms

Filing Info

  • Accession Number: 01707742
  • Record Type: Research project
  • Source Agency: Transportation Research Board
  • Contract Numbers: Project J-07, Topic SA-50
  • Files: TRB, RiP
  • Created Date: Jun 10 2019 3:16PM