This is a potential security issue, you are being redirected to https://csrc.nist.gov.
You have JavaScript disabled. This site requires JavaScript to be enabled for complete site functionality.
Date Published: August 20, 2025
Comments Due: September 19, 2025 (public comment period is CLOSED)
Email Questions to:
[email protected]
This draft CSWP from the NIST National Cybersecurity Center of Excellence (NCCoE) presents cybersecurity challenges for owners and operators of public transportation services and describes the process for creating a Community Profile, set to publish later this year.
Transit operators face increasing cybersecurity risks that can impact the delivery of safe and reliable services. They must manage IT and OT system risks while meeting strict safety and operating demands. This CSWP outlines the preliminary content of a Transit Cybersecurity Framework (CSF) Community Profile, a voluntary, risk-based approach to enhance cybersecurity, reduce risks, and improve the cybersecurity posture of the transit community.
The Transit CSF Community Profile will suggest prioritization of cybersecurity outcomes to meet specific business/mission focus areas for the transit community and identify relevant security practices that can be implemented in support of those areas. This Profile is intended to complement, not replace, any existing cybersecurity programs, guidance, or policy that transit operators may already have in place.
We encourage you to review this document and provide comments by September 19, 2025. The NCCoE is seeking targeted feedback on the unique technical challenges of securing the transit sector, transit community priorities, and the set of standards, guidelines, and practices that address the needs of securing the transit ecosystem. If you have any questions, please email the team at [email protected].
Transit agencies face rising cybersecurity risks that can impact the delivery of safe and reliable transit services. This white paper outlines the preliminary content of a Transit Cybersecurity Framework (CSF) Community Profile that is intended to provide a mission-prioritized approach to identifying practical cybersecurity outcomes tailored to the sector’s cybersecurity challenges and priorities. It offers an update on the progress made to date, a preview of the priorities that the community shared that informs the Profile, and a general description of the essential features of a draft Profile. It is designed to engage public and private sector stakeholders in the transit community to inform a draft Transit CSF 2.0 Community Profile, set to publish later this year.
Transit agencies face rising cybersecurity risks that can impact the delivery of safe and reliable transit services. This white paper outlines the preliminary content of a Transit Cybersecurity Framework (CSF) Community Profile that is intended to provide a mission-prioritized approach to identifying practical cybersecurity outcomes tailored to the sector’s cybersecurity challenges and priorities. It offers an update on the progress made to date, a preview of the priorities that the community shared that informs the Profile, and a general description of the essential features of a draft Profile. It is designed to engage public and private sector stakeholders in the transit community to inform a draft Transit CSF 2.0 Community Profile, set to publish later this year.
None selected
Publication:
https://doi.org/10.6028/NIST.CSWP.51.ipd
Download URL
Supplemental Material:
Project homepage
Document History:
08/20/25: CSWP 51 (Draft)