Cybersecurity Resources
The Office of Sector Cyber Coordination has developed a technical assistance guide to outline the U.S. Department of Transportation's (DOT's) cybersecurity approach for its grant funded projects. This technical assistance helps grantees understand when they may be subject to DOT cybersecurity requirements, what DOT’s current cybersecurity requirements are, and what informational resources are available to help grantees meet the cybersecurity requirements.
To access the technical assistance curriculum: Implementing Cybersecurity Actions into Transportation Infrastructure Projects
Incident Reporting Resources
Incident Response Plan Resources
- Computer Security Incident Handling Guide, NIST Special Publication 800-61 (NIST)
- Handbook for Computer Security Incident Response Teams (CSIRTs)
- Contingency Planning Guide for Federal Information Systems, NIST Special Publication 800-34 Rev.1 (NIST)
- Responding to a Cyber Incident (NIST Small Business Cybersecurity Corner)
- 8 Incident Response Plan Templates and Why You Should Automate Your Incident (Cynet)
- IT Disaster Recovery Plan (Ready.gov)
- Incident Response Plan Basics (CISA)
- Federal Government Cybersecurity Incident & Vulnerability Playbooks (CISA)
- Incident Response Training (CISA)
- Incident Response Plan Example (California Department of Technology)
Cybersecurity Self-Assessment Resources
- Cybersecurity Assessment Tool for Transit (DOT)
- Cybersecurity Performance Goals Checklist (CISA)
- Cybersecurity Maturity Model Certification (DOD)
- Cybersecurity Evaluation Tool (CISA)
- Cybersecurity Resilience Review (CISA)
- CIS Controls Self Assessment Tool (CIS CSAT)
- FFIEC Cybersecurity Assessment Tool (FFIEC)
General Cybersecurity Resources and Best Practices
- Small Business Cybersecurity Corner (NIST)
- Blue Cyber Education Series for Small Business (Department of the Air Force)
- Security and Privacy Controls for Information Systems and Organizations, NIST 800-53 (NIST)
- Information Technology Best Practices (Software Engineering Institute)
- Stop Ransomware (CISA)
- TSA Security Directives and Emergency Amendments (TSA)
- Cyber Guidance for Small Businesses (CISA)
- Cybersecurity Awareness Program Small Business Resources (CISA)
- Small and Medium Business Cyber Resources (CISA)
- Federal Virtual Training Environment (FedVTE)
- Cyberplanner (FCC)
Are you a grantee interested to better understand the additional requirements associated with DOT grant funding? Please visit the U.S. DOT Project Delivery Center of Excellence, and its Project Delivery Toolbox for additional information.