This course will focus on the aviation and Internet infrastructures and the various policies that have been created to support and guide their cybersecurity programs. As part of the transportation and communication sectors, the aviation and Internet infrastructures can also be considered "lifeline infrastructure". The Department of Homeland Security National Protection and Programs Directorate manages the DHS National Infrastructure Protection Program. Both subsectors fall under the Department of Homeland Security National Protection and Programs Directorate. The SSA responsibility for aviation is shared by the Transportation Security Administration (TSA) and Federal Aviation Administration (DHS), respectively. Only the Sector-Specific Agency responsible for the Internet subsector is the Department of Homeland Security. TSA and FAA are responsible for the regulation of the aviation sector, but DHS does not have any regulatory authority over the Internet. Both sets of SSAs recommended that cybersecurity measures be continued in response to Executive Order 13636, which was issued by President Obama on February 2013. TSA and FAA both reported that they were working together to implement the Transportation Roadmap in all subsectors of transportation, including aviation. DHS stated that it was working closely with Internet providers in order to implement the Cyber Assessment Risk Management Approach. Although there are some differences, CARMA and the Transportation Roadmap are very similar to the NIST Cybersecrity Framework (ES-C2M2) and the NIST Cybersecrity Framework (ES-C2M2). They are based on continuous improvement processes that involve the entire organization in identifying and implementing small changes to improve cybersecurity practices. This module will focus on both the aviation and Internet infrastructure subsectors. It also examines elements and the application of the Transportation Roadmap as well as CARMA.
