The digital transformation is rapidly moving the transport industry from a closed, patented and analogous ecosystem to an open, networked and always active mobility platform. It is already an excellent example of the efficiency and revenue-generating potential of the Internet of Things (IoT), and soon, as promised by legacy and upstart automakers, it will become the prototype of the future autonomous robotic, powered by artificial intelligence. .
Becoming digital, however, means a new life in the cybersecurity trenches.
The Cisco Mid-Year Cybersecurity Report 2017 includes interesting findings from a survey of 180 information security officers and security operations professionals in the transportation industry. These are the highlights, backed up by comments from Joe Kirk, CIO of the Tennessee Department of Transportation (TDOT), "moving Tennessee forward" for more than 100 years and winner of the 2017 National Road Safety Award.
The transportation industry, reports Cisco, increasingly uses the Internet as its network of choice due to several factors: the increase in maintenance costs and the complexity of existing proprietary systems; new consumer demands for security and mobility services (for example, the use of applications in their cars); and the employees of transport organizations require more and more ease of use of the connected systems.
"Our transportation network was built over many years," says Kirk, "mostly outside of IT control, which has created several challenges as we prepare to face the challenges of urbanization, population growth and connected and autonomous vehicles ". Kirk sees three key challenges related to cybersecurity: providing security to legacy devices that do not support current technology; have a workforce with the right skills to manage modern networks; integrating the separate worlds and skill sets of Information Technology (IT) and Intelligent Transport Systems (ITS) to create the optimal basis for a modern transportation system.
The transport industry is already being attacked
Cisco reports that almost half of the transport security professionals have already addressed public scrutiny due to a data breach. 35% said they see thousands of daily threat alerts, of which only 44% are investigated. Of the alerts investigated, 19% are considered legitimate threats, but only 33% of legitimate incidents are remedied.
Infractions can also have a lasting impact on the industry. 31% of security professionals said their organizations lost revenue due to last year's attacks, with an average revenue loss of 9%. In addition, 22% said they lost customers and 27% said they lost opportunities due to the attacks.
More than a third of transport security professionals said advanced persistent threats (APT) and the proliferation of BYOD and smart devices were high security risks for their organizations. In addition, 59% of security professionals said that infrastructure in the cloud and mobile devices are among the most challenging risks to defend against attacks.
As Kirk explains, human error is often the culprit. "Bad guys just have to find a hole once to get in, but we have to stop them every time to keep them out, all the technology in the world will not prevent a user from clicking on the wrong link," he says. As a result, in TDOT as in many other companies, many resources are dedicated to educating the workforce about the best cybersecurity practices. However, "Internet of Things changes that priority a bit," says Kirk. "You will not educate a device that is on the side of the road." The solution, in his opinion, is to have "an operating system for the Internet of things that does not depend on people doing the right thing".
The scarcity of cybersecurity skills negatively affects transport organizations
29% of cybersecurity professionals say that the lack of trained personnel is a major obstacle to the adoption of advanced technologies and processes. "This is particularly challenging for state governments," says Kirk. "One way to combat this is to find quality partners and cybersecurity experts to enter and educate your staff, find someone to teach your young engineers."
In fact, almost 50% of organizations outsource some or all of their security tasks to compensate for the lack of internal expertise, Cisco reports. Of the organizations that subcontract, cost efficiency (52%) and impartial vision (44%) were the main reasons for doing so.
But Kirk warns about relying too much on external experience. "We firmly believe that we must build the right level of experience and culture within TDOT before delivering part of the work to outside services," he says. "We want our partners to complement and support our team, but we do not want them to develop our strategy, we have many partners and we can not allow each of them to manage their own strategy, it is our responsibility to have the overall vision."
The value of Big Data on the edge
To meet the demands of access to information, transport security teams recognize that the data must be located at the edge of the network and be available in real time. Controlling access to data, and making sure it is available to those who need it, is a key concern for security professionals, reports Cisco. They also recognize that this problem will only increase as they eliminate closed and patented systems, and expect to have to manage a greater number of more complex threats.
"A Department of Transportation (DOT) owns an asset that no one else owns, the right of way on the side of the road," says Kirk. "A huge amount of data will flow between all the vehicles and devices that make up a modern transportation system."
This represents an unprecedented opportunity for transport departments. "We have to put the intelligence on the network to know when it is necessary that these data go back to the DOT, so that it can be used for capacity planning and when they should use our road devices to increase road safety," Church says. "It's a challenge, but we believe that the network we are building today lays the foundation for this type of work tomorrow," he adds.
