Tag Archives: TSA

Critical Infrastructure in Cybersecurity: Innovation for the Transportation Sector

Posted on by
Reply

In 2021, the presidential administration passed the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems, aiming to bolster the cybersecurity posture of critical infrastructure in the United States. Various agencies, such as the Transportation Security Administration (TSA), Department of Transportation (DOT) and the Cybersecurity Infrastructure Security Agency (CISA), have been working to continuously improve the security of the transportation sector, which oversees the movement of people and goods across the country.

The Transportation Sector

Within the transportation sector, initiatives have been taken to help fund cybersecurity improvements in an array of subsectors. The transportation sector includes:

  • Aviation: Approximately 450 commercial airports, 19,000 airfields, air traffic control systems, heliports, landing strips, joint-use military airports, sea plane bases, manned and unmanned recreational aircraft and flight schools[1]
  • Highway and motor carriers: Managing roadways, bridges, tunnels and commercial vehicles such as motorcoaches and school buses traffic management systems
  • The maritime transportation system: Approximately 95,000 miles of coastline, 361 ports and over 10,000 miles of navigable waterways
  • Mass transit and passenger rail: Terminals, operational systems, transit buses, monorails, trolleys and rideshares
  • Pipeline systems: Carriers of natural gas, hazardous liquids and various chemicals
  • Freight rail: Major carriers, smaller, active railroads, freight cars and locomotives
  • Postal and shipping: Regional and local couriers, mail management firms, charters and delivery services[2]

Carahsoft Cybersecurity for Transportation Blog 4 Embedded Image 2023Security Directives

Due to persistent threats to the cybersecurity of critical infrastructure, including the transportation sector, the TSA issued multiple security directives for various transportation types, including railways and pipelines. These new directives require agencies to develop approved implementation plans that will help improve cybersecurity resilience, proactively assess the effectiveness of cybersecurity measures and prevent the deterioration of infrastructure.

The directive also requires that entities regulated by the TSA proactively work to implement amendments in the directive, including to:

  • Develop network segmentation policies so that Operational Technology (OT) can continue working, even when compromised
  • Prevent unauthorized access to critical infrastructure systems by enabling control access measures
  • Identify vulnerabilities and implement security patches for operating systems, applications, drivers and firmware to reduce the risk of exploitation
  • Detect malicious software and unauthorized access on Information Technology (IT) or OT systems and report designated incidents to CISA
  • Isolate infected systems from uninfected systems to limit the spread of malware, deny further access and to preserve evidence of compromise[3]

A similar initiative, introduced by the DOT in 2022, aims to improve security awareness amongst employees. All DOT network users are required to complete the DOT’s Security Awareness Training, which is inspired by various federal requirements and the DOT Order on Department Cybersecurity Policy. The training measures employees’ knowledge in cybersecurity, including password and PIN protection and basic security for information systems.[4]

By striving to improve the security posture of the transportation sector, the TSA, DOT and CISA endeavor to protect the safety of the nation.

Cybersecurity Funding for the Future

The DOT has also introduced measures to improve the national security posture. To leverage funding from bipartisan infrastructure, the U.S. Transportation Secretary Pete Buttigieg announced up to $45 million in grants for various University Transportation Centers (UTC). These grants will be utilized to improve the cybersecurity resilience of agencies affiliated with roads, bridges, rail, shipping and airspace. One of these grants will go to Clemson University to lead a consortium focused on cybersecurity research and development. Another of these grants will go to Prairie View A&M University to improve technology in the transportation system, including data related to artificial intelligence and environmental resilience.[5]

Ever since the Colonial Pipeline attack of 2021, as well as other attacks on the cybersecurity of critical infrastructure of the United States, various agencies have done their part to improve the nation’s security. Through CISA’s hard work to create cybersecurity guidelines and cross-sector performance goals and the Federal Government’s generous grants, the nation’s critical infrastructure is postured to increase security and resolve potential crises.

This blog is the final installment in our four-part series, which examines cybersecurity initiatives inspired by The White House’s National Security Memorandum. The first three parts covered the basics of critical infrastructure cybersecurity, an overview of the Water and Wastewater Sector, and an overview of the Electric and Utility Sector.

 

To learn more about how agencies can bolster their cybersecurity efforts within critical infrastructure, visit Carahsoft’s Cybersecurity Solutions Portfolio. 

 

Resources:

[1] “National Infrastructure Protection Plan,” Transportation Systems Sector, https://www.dhs.gov/xlibrary/assets/nipp_transport.pdf

[2] “Transportation Systems Sector,” Cybersecurity and Infrastructure Security Agency, https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors/transportation-systems-sector

[3] “Security Directives and Emergency Amendments,” Transportation Security Administration, https://www.tsa.gov/sd-and-ea

[4] “FY 2022 Department of Transportation Security Awareness Training,” Federal Motor Carrier Safety Administration, https://www.fmcsa.dot.gov/safety/fy-2022-department-transportation-security-awareness-training

[5] “U.S. Department of Transportation Funds Innovative Research Providing Vital Training for Next Generation of Transportation Leaders,” U.S. Department of Transportation, https://www.transportation.gov/briefing-room/us-department-transportation-funds-innovative-research-providing-vital-training-next

Maximizing Service by Engaging Employees as Customers

Posted on by
Reply

At the end of 2021, the Executive Order on Transforming Federal Customer Experience and Service Delivery to Rebuild Trust in Government stated, “Our Government must recommit to being ‘of the people, by the people, [and] for the people’ in order to solve the complex 21st century challenges our Nation faces. Government must be held accountable for designing and delivering services with a focus on the actual experience of the people whom it is meant to serve.” Panelists at Carahsoft’s 2023 Government Customer Experience and Engagement Summit agreed that this mission begins with an organization’s employee experience.

A New Approach in Customer Experience Over Time

With the recent introduction of mandates and the new executive order, Government agencies have increased momentum to move customer experience (CX) from being a standalone initiative to weaving it into every facet of daily operations. Jill Leighton, Vice President of Public Sector Strategy and Solutions at Qualtrics, said that today, agencies are not just singularly improving a particular service or touch point. Now, they are taking that insight and implementing it into policymaking, strategic planning, reporting success and designing programs, while also learning where to invest and prioritize.

Carahsoft Customer Experience Engagement Summit Part 3 Service Blog Embedded Image 2023Untapped Resources

Using the best resources and constantly staying on top of innovation is an undertaking for any agency. Employees can be the most underutilized asset for organizations, so it is important for agencies to understand what employees need for peak performance. An immense amount of change has happened throughout the pandemic in working environments, and organizations need to take full advantage of the newer talent capacity and building opportunities within teams and employee talent pools. Additionally, agencies can unlock insights from employee and CX satisfaction through data gathering tools like conversational analytics, natural language processing and machine learning.

Artificial Intelligence in CX

Ironically, the possibilities presented by AI technology are critical to a human-centered CX strategy, Leighton said. With the implementation of AI, agencies are able to automate data analysis in various formats, perform automatic cataloging categorization and background filtering. For example, employees on the front lines of call centers can benefit from weekly, even daily summary reports showing the customer’s most pressing problems, their satisfaction levels and other aspects of their experiences. Using AI for the purpose of collecting qualitative and experience data, call operators can gain valuable insight into how to improve their human-centered CX approach and learn how to personalize each interaction they have. Additionally, using that data to optimize efficiency will improve service delivery. These solutions help move employees away from manual processes so they may focus more on interactions with customers.

What Is Impacting the Work Force?

Many aspects of Government operations can be difficult to navigate. Panelists referenced a general talent shortage, lack of funding and outdated solutions as barriers for the CX workforce. One panelist said they encounter homegrown identity and access management solutions and piecemeal fixes throughout their organization’s CX efforts, which makes it challenging to provide a seamless experience for customers and employees. Another problem CX professionals face is increased expectations from those consuming Government services.

Ron Vickery, Area Vice President of Customer and Industry Workflows, Government Health and Higher Education at ServiceNow, expressed, “We are putting employees in a really tough situation if we are not empowering them to deliver against that expectation. So, I think that, across the board, is a big trend; rising expectations of the way service should be received and making sure that we have empowered these employees to deliver that level of service.”

Translating the Employee Experience to Customer Experience

Government agencies must prepare employees to provide excellence service with a mission-driven mindset as well as proper resources and technology to deliver it. Benefits such as flexibility in the workplace, operational efficiency, training and easy access to tools and resources can attract new talent as well as retain existing employees. If they feel supported by and invested in their agency, workers will be more inclined to provide the quality of service expected by their leadership.

Nicky French, Customer Service Branch Manager for the Transportation Security Administration (TSA), said that the TSA’s security mission presents a unique challenge as this agency must balance national cybersecurity with customer experience. She stated, “Our officers in the front lines have to enforce rules, and sometimes that can come across as a little more militant than we would like. So, we try to make sure that the officers are professional and polite. We spend a lot of time just level setting what customer service means.”

Employees need to know that their organization pays attention to their needs. When positive change is made, employees know their voice is valued and has an impact. Addressing challenges within operations enables employees to make a difference and move their agency’s CX mission forward.

 

Read the previous blog and check back soon to read the rest of Carahsoft’s insights from CX industry thought leaders at the summit.

To learn more about the latest in the CX landscape and how Carahsoft’s industry-leading partners can support your Customer Experience initiatives, please visit our resource hub to access all on demand recordings and information from the 2023 Government Customer Experience and Engagement Summit.