The cybersecurity challenge in rail and transit
January 21, 2021
January 21, 2021
Cyber risk used to be a relatively simple matter of securing sensitive operator and customer data and was largely the responsibility of information technology (IT). But as technologies converge, more such risks are now associated with operations technology (OT) and Internet of Things (IoT)/Industrial Internet of Things (IIoT) infrastructure and services, whose security poses different challenges.
Meanwhile, the industry’s highly dispersed traditional operations are combining with an emerging mobility ecosystem. The development of Mobility as a Service (MaaS), which allows high volumes of user data to be exchanged via multi-operator technology platforms, is already challenging data protocols. As more third-party relationships evolve, the potential “attack surface” expands significantly. In fact, no area of the transit value chain is immune from cyber sabotage.
Operators need a strong yet agile security program, which incorporates the entire organization plus all partners and stakeholders. It should be based on a robust set of core capabilities that apply security-by-design principles and ensure end-to-end security testing.
It should also mature over time, taking a lifecycle approach that addresses all areas of the value chain with continuous improvements as new technologies materialize, and leveraging those innovations to meet emerging operational and customer experience demands.
A resilient response to mounting cybersecurity challenges in rail and transit should also mature over time—hence the need for a mindset of continuous improvement.
Define the desired security outcomes, including assessment and planning outcomes.
Establish baseline capabilities.
Establish advanced capabilities.
Data privacy issues are likely to intensify as more and more customer data is shared across an expanding ecosystem. COVID-19-related contact-tracing has already compounded the challenge of ensuring cybersecurity without compromising privacy—and new risks are constantly arising.
A multi-stranded approach can help build the resilience transit organizations need to move forward with confidence. It takes full account of the converging technologies and expanding ecosystems that are driving the expansion of cybersecurity risks. It provides a framework of core capabilities robust enough to tackle them. And by affirming the critical importance of continuous improvement it helps ensure that organizations’ resilience matures over time.
About the Authors