What directive by the san francisco board of education created an international incident?

On February 28, 2003, the President issued Homeland Security Presidential Directive (HSPD)-5, Management of Domestic Incidents, which directs the Secretary of Homeland Security to develop and administer a National Incident Management System (NIMS) and improve coordination in response to incidents.

• To view this document, please go to: http://www.dhs.gov/publication/homeland-security-presidential-directive-5

On March 30, 2011, the President issued Presidential Policy Directive (PPD)-8, National Preparedness, which is a companion to HSPD-5 and directs the Secretary of Homeland Security to require a national domestic all-hazards preparedness goal, establish mechanisms for improved delivery of Federal preparedness.

• To view this document, please go to: http://www.dhs.gov/presidential-policy-directive-8-national-preparedness

On November 7, 2016, the President issued the Presidential Policy Directive (PPD)-44, Enhancing Domestic Incident Response. 

The National Response Framework (NRF) Resource Center can be found at: http://www.fema.gov/national-response-framework

FEMA National Incident Management System (NIMS) website:http://www.fema.gov/national-incident-management-system

The Incident Command System (ICS) Resource Center can be found at: http://www.training.fema.gov/emiweb/is/icsresource/index.htm 

Start Preamble Start Printed Page 31093

AGENCY:

Office of Strategy, Policy, and Plans, Department of Homeland Security (DHS).

ACTION:

Notification of ratification of security directives.

SUMMARY:

DHS is publishing official notice that the Transportation Security Oversight Board (TSOB) has ratified Transportation Security Administration (TSA) Security Directive 1580-21-01, Security Directive 1582-21-01, Security Directive Pipeline-2021-01A, and Security Directive Pipeline-2021-02B. Security Directive 1580-21-01 requires owners/operators of specified freight railroad carriers to implement certain measures addressing cybersecurity vulnerabilities. Security Directive 1582-21-01 applies these same requirements to owner/operators of specified passenger railroad carriers and rail transit systems. Security Directive Pipeline-2021-01A and Security Directive Pipeline-2021-02B amend earlier cybersecurity directives applicable to owner/operators of critical pipeline systems and facilities. Security Directive Pipeline-2021-01A incorporates a revised definition of a “cybersecurity incident” and aligns the definition with the definition applicable across other modes of transportation regulated by TSA. Security Directive Pipeline-2021-02B provides additional flexibility to owner/operators in complying with the mitigation measures required by Security Directive Pipeline-2021-02.

DATES:

The TSOB ratified Security Directive 1580-21-01, Security Directive 1582-21-01, and Security Directive Pipeline-2021-01A on December 29, 2021. The TSOB ratified Security Directive Pipeline-2021-02B on January 13, 2022.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Thomas McDermott, Acting Assistant Secretary for Cyber, Infrastructure, Risk and Resilience Policy at 202-834-5803 or .

End Further Info End Preamble

SUPPLEMENTARY INFORMATION:

I. Background

A. Cybersecurity Threat

Cybersecurity incidents affecting surface transportation entities are a growing threat that pose a risk to the national and economic security of the United States. In recent years, cyber attackers have maliciously targeted the critical infrastructure of surface transportation modes in the United States, including pipelines, freight railroads, passenger railroads, and rail transit systems, with multiple cyberattack and cyber espionage campaigns.[1] This threat continues to evolve and is ongoing. By targeting the integrated cyber and physical infrastructure of surface transportation entities, these attackers threaten the safe, secure, and uninterrupted daily operation of surface transportation systems relied upon by the U.S. economy with potential to cause nation-wide impact.

B. Security Directive 1580-21-01 and Security Directive 1582-21-01

In response to this persistent threat, TSA issued two security directives on December 2, 2021, requiring specified surface transportation entities to implement urgently needed measures that immediately enhance the cybersecurity of the surface transportation sector.[2] Specifically, the two materially identical security directives—one applicable to specified freight railroad carriers and the other applicable to specified passenger railroad carriers and rail transit systems—require owner/operators to take the following four crucial actions:

• Designate a Cybersecurity Coordinator who is required to be available to TSA and CISA at all times (all hours/all days) to coordinate implementation of cybersecurity practices, manage cybersecurity incidents, and serve as a principal point of contact with TSA and CISA for cybersecurity-related matters;
• Report cybersecurity incidents to CISA;
• Conduct a Cybersecurity Vulnerability Assessment to identify gaps in current cybersecurity measures, identify remediation measures, and develop a plan for the owner/operator to implement the remediation measures to address any identified vulnerabilities and gaps; and
• Develop a Cybersecurity Incident Response Plan to reduce the risk of operational disruption should their Information and/or Operational Technology systems be affected by a cybersecurity incident.

The actions required by these security directives only apply to specified owner/operators of freight railroads, passenger railroads, and rail transit systems that TSA has determined are higher risk.[3] The covered entities are those that the nation depends on to move passengers and transport freight in support of critical sectors, including national defense. Both security directives became effective on December Start Printed Page 31094 31, 2021 and are set to expire on December 31, 2022.[4]

C. TSA Security Directive Pipeline-2021-01A

On December 2, 2021, TSA also issued a security directive amending a directive issued earlier that year requiring owner/operators of critical pipeline systems and facilities to implement certain cybersecurity measures. On May 26, 2021, TSA issued Security Directive Pipeline-2021-01, which was the first of multiple security directives issued by TSA in 2021 to enhance the cybersecurity of critical pipeline systems in response to the ransomware attack on the Colonial Pipeline Company on May 8, 2021. This first directive required owner/operators to: (1) Report cybersecurity incidents to CISA; (2) appoint a cybersecurity coordinator to be available 24/7 to coordinate with TSA and CISA; and (3) conduct a self-assessment of cybersecurity practices, identify any gaps, and develop a plan and timeline for remediation.[5] This security directive went into effect on May 28, 2021, and was ratified by the TSOB on July 3, 2021. 86 FR 38209. It is set to expire on May 28, 2022.

Security Directive Pipeline-2021-01A, issued on December 2, 2021, amended Security Directive Pipeline-2021-01, updating the definition of cybersecurity incident applicable in the pipeline context to mirror the definition used by the subsequent security directives applicable to specified surface transportation sector entities. TSA's determination to use a modified definition was made following industry input and consultation with DHS cybersecurity experts. The amended definition of cybersecurity incident applicable to critical pipeline owner/operators provides further clarity regarding the nature of incidents that fall within the definition of cybersecurity incident and ensures the consistent identification of incidents that must be reported to CISA across all covered modes of transportation.

D. TSA Security Directive Pipeline-2021-02B

On July 19, 2021 TSA issued the second security directive—Security Directive Pipeline-2021-02—in response to the Colonial Pipeline attack, building on the requirements of Security Directive Pipeline-2021-01 to further enhance the cybersecurity of critical pipeline systems. Security Directive Pipeline-2021-02 required owner/operators of critical pipelines to take the following additional actions:

• Implement specified mitigation measures to reduce the risk of compromise from a cyberattack;
• Develop a Cybersecurity Contingency/Response Plan to reduce the risk of operational disruption or functional degradation of information technology and operational technology systems in the event of a malicious cyber intrusion; and
• Test the effectiveness of their cybersecurity practices through an annual cybersecurity architecture design review conducted by a third party.

Security Directive Pipeline-2021-02 became effective on July 26, 2021 and was ratified by the TSOB on August 17, 2021. 86 FR 52953 (September 24, 2021). It is set to expire on July 26, 2022.

On December 17, 2021, TSA issued Security Directive Pipeline-2021-02B, amending Security Directive Pipeline-2021-02 to provide additional flexibility to owner/operators in complying with the directive's requirements. TSA amended the directive's requirements based on industry feedback and following consultation with CISA. The revisions provide pipeline owner/operators with the necessary flexibility to comply with the directive's requirements, while ensuring that the requirements are met in a uniform and operationally safe manner.[6]

II. TSOB Ratification

TSA has broad statutory responsibility and authority to safeguard the nation's transportation system.[7] The TSOB—a body consisting of the Secretary of Homeland Security, the Secretary of Transportation, the Attorney General, the Secretary of Defense, the Secretary of the Treasury, the Director of National Intelligence, or their designees, and a representative of the National Security Council—reviews certain TSA regulations and security directives consistent with law.[8] TSA issued each of these security directives under 49 U.S.C. 114( l )(2)(A), which authorizes TSA to issue emergency regulations or security directives without providing notice or public comment where “the Administrator determines that a regulation or security directive must be issued immediately in order to protect transportation security . . . .”. Security directives issued pursuant to the procedures in 49 U.S.C. 114( l )(2) “shall remain effective for a period not to exceed 90 days unless ratified or disapproved by the Board or rescinded by the Administrator.” [9]

Following the issuance of Security Directive 1580-21-01, Security Directive 1582-21-01, and Security Directive Pipeline-2021-01A on December 2, 2021, the chairman of the TSOB convened the board for the purpose of reviewing each directive. Following the issuance of Security Directive Pipeline-2021-02B on December 17, 2021, the chairman again convened the board for the purpose of reviewing that directive. In reviewing the directives, the TSOB reviewed the actions required by Security Directive 1580-21-01 and Security Directive 1582-21-01 to mitigate cybersecurity vulnerabilities in the rail transportation sector; the need for TSA to issue the security directives pursuant to its emergency authority under 49 U.S.C. 114( l )(2) to prevent the disruption and degradation of the country's critical rail transportation infrastructure; Security Directive Pipeline-2021-01A's amended definition of cybersecurity incident applicable to owner/operators of critical pipeline systems and facilities; and the flexibilities provided by Security Directive Pipeline-2021-02B. Following its review, the TSOB ratified all four security directives. The TSOB ratified Security Directive 1580-21-01, Security Directive 1582-21-01, and Security Directive Pipeline-2021-01A on December 29, 2021. The TSOB ratified Security Directive Pipeline-2021-02B on January 13, 2022.

Start Signature

John K. Tien,

Deputy Secretary of Homeland Security & Chairman of the Transportation Security Oversight Board.

End Signature

What president was assassinated that highlighted the need to reform the political system?

What effect did these acts have on foreign relations?

Where did working class families go for entertainment in the Gilded Age?

How did naturalism challenge the idea of social Darwinism?