The Department of Transportation’s Federal Highway Administration, or FHWA, is soliciting public comments on its proposal to allow transportation authorities to voluntarily use the Cyber Security Evaluation Tool to detect, respond to and recover from cyber incidents.

The tool, dubbed CSET, is a software platform designed to help organizations evaluate their cybersecurity posture, develop structured improvement programs, identify vulnerabilities and assess cybersecurity practices, according to a Federal Register notice published Tuesday. It was developed by the Cybersecurity and Infrastructure Security Agency.

CSET also comes with a range of questionnaires and modules meant for different critical infrastructure sectors.

According to the notice, the Bipartisan Infrastructure Law requires FHWA to develop a tool that could assist transportation officials in identifying and protecting against cyberattacks.

“The CISA’s cybersecurity mission is to defend and secure cyberspace by leading national efforts to drive national cyber defense, resilience of national critical functions, and a robust technology ecosystem. The FHWA therefore thinks it is appropriate to leverage CISA’s expertise instead of attempting to create a separate and potentially duplicative tool,” the notice reads.

Public comments are due April 19.

Join the Potomac Officers Club’s 2024 Cyber Summit on June 6 and hear cyber experts, government officials and industry leaders discuss the latest trends and the dynamic role of cyber in the public sector. Register here.

Rockwell Automation has joined the Department of Energy’s Cyber Testing for Resilient Industrial Control Systems program, also known as CyTRICS, to perform cybersecurity vulnerability testing of multiple critical infrastructure components.

Under the CyTRICS program, Rockwell Automation will submit critical infrastructure components to be tested for potential cybersecurity vulnerabilities at the Idaho National Laboratory, DOE said Thursday.

Rockwell Automation is the sixth private-sector company to join the vulnerability testing initiative, which aims to ensure the security of the U.S. energy sector supply chain by utilizing the analytic tools and capabilities at DOE’s national laboratories to assess the cyber resilience of high-impact energy systems.

“As we navigate an increasingly digital world, ensuring the security of our automation products is paramount to Rockwell and its customers. This collaboration provides a unique opportunity to leverage the National Laboratory’s industry-leading expertise, analytics, and capabilities to strengthen the security posture of our products and affirm our commitment to transparency,” said Tony Baker, chief product security officer at Rockwell Automation.

DOE also added Westinghouse Electric Company to the CyTRICS program in early February to test one of its instrumentation and control systems for nuclear applications.

Army Col. Richard Leach, director of intelligence at the Defense Information Systems Agency, said that in addition to the remote work arrangement, the adoption of artificial intelligence and other emerging technologies has transformed the cybersecurity landscape.

At a summit on Wednesday, Leach discussed how AI could enable hackers to immediately look for information on high-value individuals and find code that could allow them to breach internet-connected devices, DISA said Friday.

During the fireside chat, he also cited how AI could help analysts speed up their work.

“There’s no way I can hire enough analysts to sort through all of that, so we’re going to have to use those APIs and those large hybrid models to sort through the data,” he noted.

Leach additionally discussed DISA’s transition to zero trust and the importance of cyber education.

Join the Potomac Officers Club’s 2024 Cyber Summit on June 6 and hear cyber experts, government and industry leaders discuss the latest trends and the dynamic role of cyber in the public sector. Register here.