Home Page American Government Reference Desk Shopping Special Collections About Us Contribute



Escort, Inc.


Like what we're doing? Help us do more! Tips can be left (NOT a 501c donation) via PayPal.





GM Icons
By accessing/using The Crittenden Automotive Library/CarsAndRacingStuff.com, you signify your agreement with the Terms of Use on our Legal Information page. Our Privacy Policy is also available there.
This site is best viewed on a desktop computer with a high resolution monitor.
FHWA Adoption of Cyber Security Evaluation Tool

Publication: Federal Register
Agency: Federal Highway Administration
Byline: Shailen P. Bhatt
Date: 10 September 2024
Subjects: American Government , Roads & Highways, Software 
[Federal Register Volume 89, Number 175 (Tuesday, September 10, 2024)]
[Notices]
[Pages 73488-73489]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-20331]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF TRANSPORTATION

Federal Highway Administration

[FHWA Docket No. FHWA-2024-0005]


FHWA Adoption of Cyber Security Evaluation Tool

AGENCY: Federal Highway Administration (FHWA), U.S. Department of 
Transportation (DOT).

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: With this notice, FHWA announces that it is adopting the Cyber 
Security Evaluation Tool (CSET) as a voluntary tool transportation 
authorities

[[Page 73489]]

can use to assist in identifying, detecting, protecting against, 
responding to, and recovering from cyber incidents.

FOR FURTHER INFORMATION CONTACT: For questions about this notice, 
please contact Mr. Jason Carnes, FHWA Transportation Security 
Coordinator (202) 366-5280, or via email at Jason.Carnes@dot.gov, 
Federal Highway Administration, 1200 New Jersey Avenue SE, Washington, 
DC 20590. Office hours are from 8:00 a.m. to 4:30 p.m., ET, Monday 
through Friday, except Federal holidays.

SUPPLEMENTARY INFORMATION:

Electronic Access

    This document may be viewed online under the docket number noted 
above through the Federal eRulemaking portal at: www.regulations.gov. 
Electronic submission and retrieval help and guidelines are available 
on the website. Please follow the online instructions.
    An electronic copy of this document may also be downloaded from the 
Office of the Federal Register's website at: www.FederalRegister.gov 
and the U.S. Government Publishing Office's website at: 
www.GovInfo.gov.

Background

    Pursuant to section 11510(b) of the Bipartisan Infrastructure Law 
(BIL), enacted as the Infrastructure Investment and Jobs Act (Pub. L. 
117-58), FHWA is required to develop a tool to assist transportation 
authorities in identifying, detecting, protecting against, responding 
to, and recovering from cyber incidents. Safety is the top priority of 
DOT and FHWA. The FHWA routinely works closely and collaboratively with 
Federal and State agencies whose primary missions revolve around 
securing critical transportation infrastructure. The FHWA provides 
subject matter expertise to those agencies in identifying potential 
physical and cybersecurity threats and appropriate mitigation efforts. 
When presented with physical or cybersecurity questions, concerns or 
incidents from State, local, Tribal, and Territorial transportation 
authorities, or other stakeholders, FHWA routinely assists in 
connecting these entities to security-focused government agencies, 
including the Transportation Security Administration, the Cybersecurity 
and Infrastructure Security Agency (CISA), and the Federal Bureau of 
Investigation.
    On March 5, 2024, FHWA published in the Federal Register (89 FR 
15923) a notice and request for comments proposing to adopt CISA's CSET 
as a voluntary tool that transportation authorities can use to assist 
in identifying, detecting, protecting against, responding to, and 
recovering from cyber incidents. The CISA's cybersecurity mission is to 
defend and secure cyberspace by leading national efforts to drive 
national cyber defense, resilience of national critical functions, and 
a robust technology ecosystem. The FHWA therefore thinks it is 
appropriate to leverage CISA's expertise instead of attempting to 
create a separate and potentially duplicative tool. The CSET, developed 
by CISA, is a comprehensive software tool designed to assist 
organizations in assessing their cybersecurity posture and developing 
structured improvement programs. The CSET helps organizations evaluate 
their cybersecurity practices, identify vulnerabilities, and prioritize 
mitigation efforts by providing a systematic approach to assess 
cybersecurity controls and processes. It offers a range of modules and 
questionnaires tailored to different critical infrastructure sectors, 
making it a valuable resource for organizations seeking to enhance 
their cybersecurity resilience through a well-structured assessment and 
development program. The CSET is available to the public for download 
at https://www.cisa.gov/downloading-and-installing-cset.

Discussion of Comments Received

    Consistent with BIL, section 11510(b)(2)(E), FHWA requested 
comments on its notice proposing to adopt CSET. The FHWA received two 
comments, both of which supported FHWA's proposal to adopt CSET as a 
voluntary cybersecurity tool. The FHWA appreciates the comments.

Adoption of Cyber Security Evaluation Tool

    In accordance with BIL, section 11510(b), and after reviewing the 
comments received, FHWA announces with this notice that FHWA adopts 
CISA's CSET as a voluntary tool transportation authorities can use to 
provide assistance regarding cyber incidents.
    Authority: Sec. 11510, Pub. L. 117-58, 135 Stat. 592.

Shailen P. Bhatt,
Administrator, Federal Highway Administration.
[FR Doc. 2024-20331 Filed 9-9-24; 8:45 am]
BILLING CODE 4910-22-P




The Crittenden Automotive Library