The Evolving Cybersecurity Landscape: Industry Perspectives on Securing the Nation's Infrastructure
2167 Rayburn House Office Building and online via videoconferencing
This is a full Transportation and Infrastructure Committee hearing.
Scott Belcher, President and Chief Executive Officer, SFB Consulting, LLC; testifying on behalf of Mineta Transportation Institute | Written Testimony
Megan Samford, Vice President and Chief Product Security Officer, Schneider Electric | Written Testimony
Thomas L. Farmer, Assistant Vice President, Security, Association of American Railroads | Written Testimony
Michael Stephens, General Counsel and Executive Vice President, Tampa International Airport | Written Testimony
John Sullivan, Chief Engineer, Boston Water and Sewer Commission; testifying on behalf of the Water Information Sharing and Analysis Center (WaterISAC) | Written Testimony
Gary Kessler, PhD, President, Gary Kessler Associates; testifying on behalf of The Atlantic Council | Written Testimony
Opening remarks, as prepared, of Railroads, Pipelines, and Hazardous Materials Subcommittee Ranking Member Rick Crawford (R-AR):
Thank you, Chair DeFazio.
As we all know, the cyber threats facing our Nation’s infrastructure have increased significantly as technology has become more essential and interwoven in our society – both in infrastructure, and more broadly in our daily lives. While technology has allowed us to innovate and create efficiencies in infrastructure and transportation networks, it has also brought us new threats and vulnerabilities.
Unfortunately, with recent high-profile cyberattacks, like those conducted on the Colonial Pipeline, or various wastewater treatment plants, we have seen a very clear need to better protect our Nation’s infrastructure through strong cybersecurity defense measures.
Fortunately, many transportation and infrastructure operators are already taking action to protect their assets, and the passengers and customers that rely on them.
While the federal government is working to help the private sector prevent, mitigate, and respond to cyber threats, our cyber adversaries’ technology is advancing more quickly than anything the federal government can mandate. In light of this reality, I look forward to hearing from our witnesses today about their best practices for cyber defense across varying transportation modes.
I also want to highlight a specific concern regarding the Transportation Security Agency’s (TSA) recent mandatory security directives on cybersecurity for pipelines and forthcoming directives for rail, transit, and aviation.
I am concerned that TSA’s recent security directives are overly prescriptive, rushed, and fail to take into account wholistic feedback from diverse stakeholders. I want to hear stakeholders’ input on this issue today, but we must also hear from government witnesses to get the full picture. So, I look forward to following up on this topic to ensure we get that perspective as well.
We need to hear how the various agencies are working with the operators of our Nation’s infrastructure as true partners in improving the standards and practices we’re using to protect America’s infrastructure and transportation networks from growing cyber threats.
Thank you and I yield back the balance of my time.