Data Protection Risk Mitigation and the TSA SD02D Mandate

The recent ransomware attack on the Colonial Pipeline shook the cybersecurity landscape, forcing a re-evaluation of our national infrastructure’s vulnerability. In response, the Cybersecurity and Infrastructure Security Agency (CISA) and the Transportation Security Administration (TSA) collaborated on the Security Directives, known as TSA SD02D.

Below, we dive into the practical aspects of cybersecurity, exploring the implications of the TSA SD02D Mandate and highlighting just how businesses can benefit from Certes Data Protection Risk Mitigation (DPRM) solution.

Understanding the TSA SD02D Mandate

The TSA SD02D Mandate is a comprehensive directive that covers a spectrum of entities:

• Owner/operators of hazardous liquid and natural gas pipelines
• Liquefied natural gas facilities
• Airports, aircraft operators
• and more.

It emphasises the imperative for CEOs and the C-Suite to view cyber risk as a strategic necessity for good governance and business growth.

Certes DPRM: A Practical Solution for Cybersecurity Challenges

Certes Crypto-Segmentation is a practical solution, ensuring the separation of individual data flows across any IP network. This technology addresses the limitations of traditional solutions, offering a nuanced approach to cybersecurity.

Practical Cyber Defence and Data Sovereignty

Certes DPRM goes beyond theoretical concepts, allowing control over data sovereignty for individual application flows. This ensures that only the intended recipient can access the data, preventing lateral movement incidents and rendering extracted data unreadable to attackers.

Meeting Mandated Requirements under TSA SD02D

Certes DPRM seamlessly aligns with the TSA SD02D Mandate’s requirements:

Network Segmentation: Certes DPRM Crypto-Segmentation ensures robust segmentation between IT and OT systems.

Logical Zones: Certes DPRM supports the establishment of logical zones based on criticality, consequence, and operational needs.

Data Encryption in Transit: Certes DPRM ensures the protection of data while in transit, a crucial requirement for safeguarding critical systems.

Isolation of Industrial Control Systems: Certes DPRM facilitates the isolation of industrial control systems from IT systems during a cybersecurity incident.

Patch Management: Certes assists in controlling and securing patch management on critical cyber systems, addressing vulnerabilities promptly.

The TSA SD02D Mandate marks a pivotal shift in the way businesses approach cybersecurity. Customers are at the forefront of this transformation, facing heightened expectations for data protection and infrastructure resilience as well as the increased possibility of fines and even legal action against companies and persons when non-compliance is evident.

Certes DPRM stands out as a practical ally, offering advanced solutions to safeguard critical infrastructure and navigate the intricate world of cybersecurity with confidence.

Why not read more on how we can shield critical infrastructure in line with the TSA Mandate in our latest whitepaper here.