Skip to content

U.S. Unveils New Cyber Mandates for Passenger and Freight Rail Carriers

  • Directives require 24-hour reporting of cyber breaches
  • Move follows Biden pressure to improve private sector security
Updated on

Major passenger and freight railroads will soon be required to report cybersecurity breaches quickly and review how susceptible they are to cyberattack, senior officials at the U.S. Department of Homeland Security said Thursday.

The requirements, which take effect Dec. 31, come as the Biden administration has put increasing pressure on the private sector to protect the nation’s critical infrastructure from hackers. That follows a series of devastating hacks that infiltrated federal agencies and major businesses, including the May ransomware attack on Colonial Pipeline Co. that temporarily curtailed fuel supplies along the East Coast.