You’ve got until Jan. 17th to weigh in. See instructions in the embedded document at the link below.
Requested feedback includes:
“Address incentivizing cybersecurity adoption and compliance. TSA wrote that it ‘is particularly interested in comments on types of incentives, such as liability protection, insurance, commercial contracts, or other private- or public-sector options, that would incentivize adoption of cybersecurity and resilience measures, and whether and how TSA might facilitate the development of such incentives.” Among the questions to answer: If you have implemented CRM, was implementation required or incentivized by insurance companies, existing commercial contracts, or contracts with the federal government? What tools, technical assistance, or other resources could TSA provide to facilitate compliance with any specific federally-imposed cybersecurity requirement?”
Source: TSA Eyes Cybersecurity Rulemaking – Railway Age