* [Blog](https://www2.paloaltonetworks.com/blog)
* [Network Security](https://www2.paloaltonetworks.com/blog/network-security/)
* [Industrial OT Security](https://www2.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/)
* Navigating the TSA Cybers...

# Navigating the TSA Cybersecurity Directive for OT Compliance

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fnavigating-the-tsa-cybersecurity-directive-for-ot-compliance%2F)  
[](https://twitter.com/share?text=Navigating+the+TSA+Cybersecurity+Directive+for+OT+Compliance&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fnavigating-the-tsa-cybersecurity-directive-for-ot-compliance%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fnavigating-the-tsa-cybersecurity-directive-for-ot-compliance%2F&title=Navigating+the+TSA+Cybersecurity+Directive+for+OT+Compliance&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/network-security/navigating-the-tsa-cybersecurity-directive-for-ot-compliance/&ts=markdown)  
\[\](mailto:?subject=Navigating the TSA Cybersecurity Directive for OT Compliance)  
Link copied  
By [Ellie Proudler](https://www.paloaltonetworks.com/blog/author/ellie-proudler/?ts=markdown "Posts by Ellie Proudler") and [Daniel Pare](https://www.paloaltonetworks.com/blog/author/daniel-pare/?ts=markdown "Posts by Daniel Pare")  
May 19, 2025  
4 minutes  
[Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown)  
[Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)  
[Industrial OT Security](https://www.paloaltonetworks.com/blog/tag/industrial-ot-security/?ts=markdown)  
[OT security](https://www.paloaltonetworks.com/blog/tag/ot-security/?ts=markdown)

Aviation's increasing reliance on operational technology (OT) has made cybersecurity a critical pillar of safety and continuity. Cyberthreats targeting airports and aircraft operations are growing more sophisticated, underscoring the need for proactive defense strategies. The [2023 TSA Cybersecurity Directive](https://www.tsa.gov/news/press/releases/2023/03/07/tsa-issues-new-cybersecurity-requirements-airport-and-aircraft) provides a structured framework to safeguard essential aviation operations, emphasizing that OT security is no longer just a compliance requirement but a strategic imperative for operational resilience.

The directive calls for regulated operators to implement a comprehensive set of security measures that ensure safety even when one part of the network is compromised. These measures include:

* **Network Segmentation:** Develop policies and controls that ensure operational technology (OT) systems continue to function even if an IT system is compromised.
* **Access Controls:** Implement measures to prevent unauthorized access to critical cyber systems.
* **Continuous Monitoring:** Use detection policies and real-time analytics to identify and respond to cybersecurity threats.
* **Timely Patching and Updates:** Reduce exploitation risks by applying security patches and updates in a risk-based, timely manner.

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/05/TSA-Directive-Blog-table-v6.png)

# Network Segmentation for Isolation and Operational Continuity

Effective network segmentation is a cornerstone of OT security. It begins with [real-time asset discovery](https://live.paloaltonetworks.com/t5/community-blogs/asset-discovery-drives-ot-security-outcomes-to-enable-plant/ba-p/999012) that maps devices, their network behaviors, firmware versions, vulnerabilities and risk factors. This intelligence drives segmentation policies that isolate critical OT assets from IT breaches while ensuring continuous operations.

As digital transformation expands the OT attack surface through IT-OT convergence, SCADA modernization and remote operations, traditional segmentation methods are becoming inadequate. The [2018 Bristol Airport ransomware incident](https://www.darkreading.com/cyberattacks-data-breaches/ransomware-takes-down-airport-s-flight-information-screens) illustrates this risk. A more strategic segmentation approach could have contained the threat and protected essential systems. Executive leaders increasingly recognize zero-trust architectures and network segmentation as a core cybersecurity control that reduces exposure while maintaining operational integrity.

# Robust Access Controls for Least-Privilege Enforcement

Access control must go beyond simply restricting unauthorized entry. A risk-based policy framework should govern every aspect of an organization's security, from user credentials to device and application permissions.

A cybersecurity assessment of [airport building automation systems in 2018](https://www.pentestpartners.com/security-blog/mapping-the-attack-surface-of-an-airport/) revealed vulnerabilities in HVAC and lighting controls. With stronger access controls, only authorized personnel and devices would have been able to interact with these systems, significantly reducing exploitation risks. In aviation, where operational uptime is non-negotiable, enforcing least-privileged access is both a security necessity and a strategic business decision.

# Continuous Monitoring for Real-Time Threat Detection

Traditional monitoring methods often fail to keep up with rapidly evolving OT environments. Advanced monitoring solutions that leverage artificial intelligence and machine learning can establish behavioral baselines, enabling real-time anomaly detection and faster incident response.

Modern OT security integrates threat prevention, URL filtering, DNS security and signature-based detections, providing unified visibility across both legacy and emerging IoT/ OT devices. This approach helps bridge gaps between fragmented asset inventories and disparate security tools. During the [2017 Triton malware attack](https://www.technologyreview.com/2019/03/05/103328/cybersecurity-critical-infrastructure-triton-malware/), AI-driven monitoring could have potentially detected unauthorized modifications before they escalated into a full-scale crisis. As threats become more sophisticated, continuous monitoring is now a top priority for aviation executives seeking to safeguard mission-critical assets.

# Timely Patching and Updates for Proactive Vulnerability Management

Traditional patching cycles often do not align with the needs of critical OT environments. Virtual patching serves as an essential safeguard, reducing the attack surface while permanent updates are scheduled.

A risk-based patching strategy prioritizes remediation efforts based on business criticality, exploitability, internet exposure and active threat patterns. The global impact of the [WannaCry ransomware attack in 2017](https://www.cbsnews.com/news/wannacry-ransomware-attacks-wannacry-virus-losses/) demonstrated the danger of delayed patching. Although fixes were available, slow deployment led to widespread disruption. Aviation operators can enhance security while maintaining operational continuity by integrating continuous threat intelligence with automated workflows such as [Guided Virtual Patching](https://www.paloaltonetworks.com/blog/2024/10/safeguard-ot-environments-power-precision-ai/).

# A Blueprint for Resilient Aviation OT Security

The TSA Cybersecurity Directive offers more than a path to compliance---it provides a framework for operational resilience. Aviation organizations can transform regulatory challenges into strategic advantages by embracing robust network segmentation, comprehensive access controls, continuous monitoring and timely patching. In today's fast-evolving digital landscape, where cyberthreats are increasingly sophisticated, leaders must prioritize proactive defense strategies that keep pace with emerging risks.

# Strengthen Your Aviation OT Security Today

Take the first step toward comprehensive OT security tailored to your operational needs. Experience a free trial of [Industrial OT Security](https://start.paloaltonetworks.com/industrial-ot-security-free-trial) today and equip your organization with the tools to safeguard critical aviation operations.

*** ** * ** ***

## Related Blogs

### [Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### How OT Connectivity Is Changing the Security Landscape](https://www2.paloaltonetworks.com/blog/network-security/how-ot-connectivity-is-changing-the-security-landscape/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Prisma AIRS on NVIDIA BlueField Secures the Industrial Edge](https://www2.paloaltonetworks.com/blog/network-security/prisma-airs-on-nvidia-bluefield-secures-the-industrial-edge/)

### [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

[#### AI in OT Security --- Balancing Industrial Innovation and Cyber Risk](https://www2.paloaltonetworks.com/blog/2024/08/ai-in-ot-security/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Forrester Names Palo Alto Networks a Leader in OT Security](https://www2.paloaltonetworks.com/blog/2024/06/forrester-names-leader-in-ot-security/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Untangling IT-OT Security Knots with a Zero Trust Platform Approach](https://www2.paloaltonetworks.com/blog/2024/05/untangling-it-ot-security-knots/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Palo Alto Networks Paves the Way with New OT Security Innovations](https://www2.paloaltonetworks.com/blog/2023/11/new-ot-security-innovations/)

### Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language