Why We Need Better Cybersecurity for the Transportation Sector

    1520

    Cybersecurity is one of the most significant threats facing virtually any industry today. While many sectors didn’t have to worry about cybercrime in the past, rapid digitization and increased connectivity have opened the door for new risks. The transportation industry is a prime example of this shift.

    Not long ago, the transportation sector had little need for robust cybersecurity. The industry still isn’t one people think of immediately when they think of cybercrime, but that needs to change. Transportation companies are vulnerable, which presents monumental risks.

    Here are five reasons why the transportation sector needs better cybersecurity.

    1. Cybercriminals Are Targeting Transportation

    The first and most significant reason why transportation cybersecurity should improve is the industry’s growing cybercrime rate. According to a recent Check Point study, ransomware attacks in the sector have increased by 186% since 2020, more than any industry besides education. This trend indicates that cybercriminals are favoring the transportation sector.

     

    Transportation companies have found themselves in the center of several high-profile cases lately, too. The late 2020 Sunburst attack potentially breached thousands of transit organizations, including the San Francisco International Airport. If cybersecurity in the industry doesn’t improve soon, these attacks could become even more frequent and destructive.

    1. Transportation Connectivity Is Growing

    Another concerning security trend in the transportation sector is its growing reliance on the internet of things (IoT). IoT connectivity is skyrocketing in the industry. In the Department of Transportation’s 2015 smart city initiative, 53 of 78 cities recommended connecting vehicles to nearby infrastructure. This increased connectivity presents new vulnerabilities.

    Every IoT device in a supply chain or smart city represents a potential gateway for hackers. As transportation organizations implement more of these devices, which often lack sufficient built-in security, they expand their attack surface. Without better cybersecurity standards, this increasing connectivity will invite cybercrime and increase the likelihood of a successful attack.

    1. Securing Transportation Is Challenging

    Cybersecurity in transportation businesses is challenging, but that only raises the need for it. Businesses like airports require a unique mix of security and business requirements to balance efficiency, transparency, and safety. Tighter security can often get in the way of transit companies’ business goals, or at least it appears that way, so they tend to opt for the latter.

    Ironically, this challenge means security is all the more important. If businesses overlook security in the name of simplicity, they leave themselves vulnerable. The industry needs a renewed focus on cybersecurity to navigate these challenges and enable both security and efficiency.

    1. Transportation Cyberattacks Can Be Devastating

    Another factor that heightens the need for cybersecurity in the transportation sector is the industry’s sensitivity. Many other sectors rely on transportation services, so an attack on these businesses can have devastating ripple effects. There is too much to lose in this sector for cybersecurity to become an afterthought.

    A recent report from IBM found that transportation is the tenth most costly industry for experiencing a data breach. On average, breaches cost transit companies $3.58 million per incident and take 275 days to contain. As cyberattacks on the sector grow increasingly common, these figures could grow, leading to incredible losses.

    1. Transportation Companies Are New to Cybersecurity

    Finally, the transportation industry needs better cybersecurity because it’s largely unfamiliar with the concept. The need for cybersecurity in these companies, especially traditionally low-tech subsectors like trucking, is relatively new, so they don’t understand the risks or best practices. This lack of expertise can lead them to overestimate their security or misunderstand the vulnerabilities they create.

    A 2021 study from the Mineta Transportation Institute highlights the disconnect this inexperience creates. While more than 80% of transit agencies said they were prepared for a cybersecurity threat, only 60% had any cybersecurity programs in place. Industry standards must grow more robust, including training workers and company leadership, for transportation to be safe.

    Cybersecurity in the Transportation Sector Must Improve

    As transportation companies become increasingly reliant on digital technologies, their security must advance further. The industry, as it stands right now, has much to lose and little in place to protect itself against rising cyber threats. The need for stronger cybersecurity is urgent and growing.

    Recent high-profile breaches may bring more emphasis to this field. Still, the sector can’t wait for a devastating attack to push it towards higher security standards. Companies must revisit their cybersecurity strategies before another breach occurs.