The Community Transportation ISAO is a cyber intelligence community for transit agencies and vendors working together to meet regulatory requirements, reduce cyber risk and identify cyber threats in the transportation environment.
Who does the Community Transportation ISAO help?
The Community Transportation ISAO prioritizes the cyber-readiness needs of transit agencies, their vendors, and their partners as transportation information ecosystems (operational systems, enterprise information systems and subscribed systems) increasingly must accommodate technology-driven service delivery models, connected vehicles and autonomous vehicles.
“Cyber threats and vulnerabilities of critical components of the transportation information ecosystem not only put the transit agency and the lives of passengers at risk but may also put the agency in noncompliance with many legal requirements, such as the Health Insurance Portability and Accountability Act (HIPAA), payment card industry (PCI) security standards and the Patriot Act. Compromise of the ICT systems not only puts confidentiality at risk, but also threatens the integrity and availability of the functions of the transit agency. Transit agencies must be proactive and approach cybersecurity risks with a holistic solution that involves effective strategy addressing the three key areas of IT infrastructure: operations, people and facilities. Additionally, transit agencies must rely on collaborative forums that enable knowledge sharing to promote awareness of new attacks, particularly industry specific attacks.”
— American Public Transportation Association
STANDARDS DEVELOPMENT PROGRAM RECOMMENDED PRACTICE:
Cybersecurity Considerations for Public Transit