NIST releases a new draft cybersecurity framework for systems that never stop moving
NIST releases a new draft cybersecurity framework for systems that never stop moving
Publish Date: 2026-01-29 17:36:00
Source Domain: www.nextgov.com
As far back as 2013, the federal government started directing resources toward protecting assets, organizations and technology deemed as critical infrastructure. While the definition of critical infrastructure has been fluid as new sectors are added, it is generally defined as anything whose loss would impact the health, safety, security or economic well-being of many people, or even the entire nation.
Critical infrastructure has been further defined by the Cybersecurity and Infrastructure Security Agency (CISA) as centering on chemical manufacturing, communications, commercial facilities, critical manufacturing, dams, the defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare, information technology, nuclear reactors, transportation and water systems.
Over the years, there have been many efforts launched to improve cybersecurity in most critical sectors. For example, in 2015 there was a big push to secure the power grid, which is still ongoing today. In fact, public utilities of all types have been getting a lot of attention, and rightfully so. But one area has lagged pretty far behind the others, and that is transportation. Yes, it’s important to secure things like power plants and water systems, but public and private transportation systems are also important. What if a disaster happens at the same time that transit systems are attacked? That could stall or even prevent evacuation efforts. And yet, relatively little has been done to look specifically at cybersecurity issues within transportation.
The newly released draft Transit Cybersecurity Framework Community Profile paper aims to change that. Developed by the National Institute of Standards and Technology’s National Cybersecurity Center of Excellence (NCCoE), the voluntary framework is now open for public comment through February 23, 2026. It arrives at a moment when transit agencies are grappling with expanding digital systems,…
