"The purpose of this document, TSS [Transportation Systems Sector] Cybersecurity Framework Implementation Guidance is to provide the Transportation Systems Sector guidance, resource direction, and a directory of options to assist a TSS organization in adopting the NIST [National Institute of Standards and Technology] Framework. The implementation guidance may be used by organizations to accomplish the following:  Characterize their current and target cybersecurity posture.  Identify opportunities for evolving their existing cybersecurity risk management programs.  Recognize existing sector tools, standards, and guidelines that may support Framework implementation.  Assess and communicate their risk management approach to both internal and external stakeholders. This implementation guidance can be incorporated into an organization's culture regardless of the organizations current cybersecurity maturity level. For organizations that do not have a formal cybersecurity risk management program, this implementation guidance can help them to comprehend, evaluate, and establish the organizations cyber risk priorities. For those organizations that have a formal risk management office or program in place, this guidance provides additional mechanisms to review existing programs and identify areas for improvement, while aligning current efforts to the Framework."
|Publisher:||United States. Department of Homeland Security|
|Retrieved From:||Department of Homeland Security: https://www.dhs.gov/|