INDUSTRY WATCH

Despite their diversity , all of these organisations are united by escalated cyberthreats . As a sector with some of the largest physical operations , and one that is heavily linked to both business and civilian operations , transport is highly vulnerable to disruption .

Against escalating threats , all organisations involved in the transport sector must ensure they have robust security in place to deliver resilience and keep their operations moving in the face of disruptive attacks .

How digitisation has increased vulnerability

Transport organisations are heavily reliant on cyberphysical systems ( CPS ), where digital assets are connected with physical processes . This means disruptive attacks like ransomware can have a more significant impact than other sectors , as disabling a single system can cause an entire operation to screech to a halt .

Alongside this , these cyber-physical systems can also create an expanded attack surface for threat actors to exploit .

Internet of Things ( IoT ) devices , for example , are widespread in the transport sector in the form of sensors , cameras and many other uses . Yet they often lack robust security features , such as proper asset classification and segmentation protocols , which can create additional vulnerabilities . The risk extends beyond individual IoT devices to encompass the entire Extended Internet of Things ( XIoT ), which includes Industrial Control Systems ( ICS ), Operational Technology ( OT ), Industrial IoT ( IIoT ) and building management systems ( BMS ).

The push for connectivity and digitisation has amplified these vulnerabilities within the sector . Passengers expect real-time updates on transport services for example , and hauliers need to be able to monitor their fleets , necessitating continuous online connectivity . Additionally , vendors need access to OT , IoT and IIoT systems to monitor and maintain operations , but integration into the cloud for real-time analytics further exposes these systems to attackers .

Traditionally , OT systems were manually focused and isolated from IT networks and the Internet . Digital integration has enabled better efficiency through automation and remote access , but also exposed these systems to a connected environment they were never designed for . OT systems are rarely compatible with standard IT management and security solutions , making it even more difficult to identify threats .

The growing prevalence of ransomware attacks has affected both IT and OT environments and increased the need for thorough visibility across all CPS . This visibility is crucial for quickly detecting and mitigating breaches , safeguarding the future of transport operations .

Crucial need for enhanced visibility

The lack of visibility into industrial networks compounds the challenge of managing system failures . A simple issue like a power outage or a CCTV breakdown could have multiple implications such as a technical glitch needing routine maintenance , a cybersecurity threat warranting investigation , or even potential vandalism requiring police attention . For transport operators to manage these issues effectively while adhering to strict international Safety Integrity Level ( SIL ) standards , comprehensive visibility and control over their networks are essential .

As many transport organisations fall under the CNI umbrella , they frequently need to guarantee constant uptime . For example , a cyberattack leading to a prolonged national transport disruption would have wide-ranging effects , not just on daily commutes but also on the wider economy . Furthermore , as transactions for tickets and services increasingly move online , transport entities manage vast quantities of sensitive financial information . A breach could therefore not only disrupt operations but also lead to significant financial theft and reputational damage , affecting customer trust and loyalty .

Andrew Lintell , General Manager , EMEA , at Claroty

www . intelligentcio . com INTELLIGENTCIO EUROPE 67