The Transportation Security Administration TSA is proposing to impose cyber risk management CRM requirements on certain pipeline and rail owneroperators and a more limited requirement on certain over-the-road bus OTRB owneroperators to report cybersecurity incidents. With the proposed addition of requirements applicable to pipeline facilities and systems TSA is also proposing that a requirement to have a Physical Security Coordinator and report significant physical security concerns be extended to the same facilities and systems. Finally TSA is proposing clarifications and reorganization of other regulatory requirements necessitated by these changes.