Cybersecurity, Privacy, and Digitization Digitization – automating processes, like the use of E-ZPass – is an important part of the MDTA’s modernization plan. However, increasing digitization also requires improved cybersecurity to protect digital systems and networks from attacks that can cause damage to or theft of hardware, software, or data, in addition to disruption of MDTA services. MANAGEMENT OF CYBERSECURITY, PRIVACY, AND DIGITIZATION Maintaining strong cybersecurity, privacy, and customer data protection as well as responsibly managing technology supports the success and security of the MDTA in an increasingly digital world. Information security for the MDTA applies to all aspects of MDTA’s operations, customers, and employees. The MDTA has already modernized its systems and advanced automation in its operations eight years ago. It is currently conducting readiness analyses for additional modernization, which includes modernizing both of the agency’s two data centers to replace uninterruptible power supply units and cooling units. The MDTA conducts full penetration testing every two years, and constantly monitors threats. Qualsys scans are run on all websites for vulnerabilities. If vulnerabilities are identified, they are addressed immediately. The MDTA has established a robust Business Continuity and Disaster Recovery plan that outlines the process for identifying, addressing, and recovering from a potential data breach. The MDTA’s processes and systems fully align with State and federal regulations on digitization, privacy, and cybersecurity. Information security for the MDTA applies to all aspects (both internal and external) of its operations and employees.
FEDERAL HIGHWAY ADMINISTRATION (FHWA) METRICS FOR COMPLIANCE – TUNNELS Like the compliance matrices shown for Bridges, the FHWA administration performs audits on Tunnel Programs in accordance with the NTIS. In 2019, the NTIS adopted a list of 15 compliance metrics for tunnels. Both FHWA assessment levels and compliance results are the same for bridges and for tunnels. In 2022 and 2023, the MDTA was issued an audit at an intermediate level on all 15 matrices. In addition, neighboring FHWA Division Engineers from Pennsylvania and Virginia along with Maryland, conducted a multi-day field review. The MDTA was found Compliant in all metrics and Substantially Compliant in four. Undertaking an improvement plan for each matrix, new directives were issued into the Facility Inspection Manual to close any gaps, enhancements were made concurrently to the reporting of tunnel inspection functional systems, and conditions were reported. Similar to the compliance results for Bridges, the MDTA expects final results from the FHWA in March 2025. LEAD AND ASBESTOS MANAGEMENT The agency’s Office of the Environment, Safety and Risk Management has asbestos and lead paint management programs that develop and update site-specific lead and asbestos management plans. This includes coordinating medical monitoring, training and equipment needs as well as ensuring inclusion of lead or asbestos management requirements into facility maintenance, construction, renovation, and/or demolition plans. Additionally, the agency maintains programs for its fuel oil storage tanks (above and underground) as well as for managing hazardous waste generated during routine operations.
11 Environmental, Social, and Governance Report
Made with FlippingBook Ebook Creator