Andrew Lintell , General Manager , EMEA , at Claroty , outlines why all organisations in the transport sector must ensure they have robust security in place .

he transportation sector is one of the

Despite their diversity , all of these organisations are united by escalated cyberthreats . As a sector with some of the largest physical operations , and one that is heavily linked to both business and civilian operations , transport is highly vulnerable to disruption .

Against escalating threats , all organisations involved in the transport sector must ensure they have robust security in place to deliver resilience and keep their operations moving in the face of disruptive attacks .

How digitisation has increased vulnerability

Transport organisations are heavily reliant on cyber-physical systems ( CPS ), where digital assets are connected with physical processes . This means disruptive attacks like ransomware can have a more significant impact than other sectors , as disabling a single system can cause an entire operation to screech to a halt .

Alongside this , these cyber-physical systems can also create an expanded attack surface for threat actors to exploit .

Internet of Things ( IoT ) devices , for example , are widespread in the transport sector in the form of sensors , cameras and many other uses . Yet they often lack robust security features , such as proper asset classification and segmentation protocols , which can create additional vulnerabilities . The risk extends beyond individual IoT devices to encompass the entire Extended Internet of Things ( XIoT ), which includes Industrial Control Systems ( ICS ), Operational Technology ( OT ), Industrial IoT ( IIoT ) and building management systems ( BMS ).

The push for connectivity and digitisation has amplified these vulnerabilities within the sector . Passengers expect real-time updates on transport services for example , and hauliers need to be able to monitor their fleets , necessitating continuous online connectivity . Additionally , vendors need access to OT , IoT and IIoT systems to monitor and maintain operations , but integration into the cloud for real-time analytics further exposes these systems to attackers .

Traditionally , OT systems were manually focused and isolated from IT networks and the Internet . Digital integration has enabled better efficiency through automation and remote access , but also exposed these systems to a connected environment they were never designed for . OT systems are rarely compatible with standard IT management and security solutions , making it even more difficult to identify threats .

The growing prevalence of ransomware attacks has affected both IT and OT environments and

Andrew Lintell , General Manager , EMEA , at Claroty

WWW . INTELLIGENTCISO . COM 63