The DOT’s best practices aim to reduce the probability of a cyberattack or mitigate a successful intrusion.