Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Planes, Trains, Automobiles, and Digital Transformation

Cybersecurity for Transportation

When most people think about technology innovation in the transportation sector, connected and self-driving cars immediately come to mind. But digital transformation is happening across other transportation industries as well.

Cybersecurity for Transportation

When most people think about technology innovation in the transportation sector, connected and self-driving cars immediately come to mind. But digital transformation is happening across other transportation industries as well.

Long recognized for its excellence across the supply chain, DHL has added head-mounted displays that use augmented reality to streamline the picking process, increasing employee productivity while maintaining shipment accuracy. Dehli International Airport Limited (DIAL) is using digital technology to understand passenger preferences so that retailers are better prepared to accommodate airport visitors with the right products and services at the right time. Komatsu uses sensor tracking in construction and mining vehicles to create valuable global economic data that can be used to anticipate and plan for evolving demand patterns. Metrolinx, a government agency of Ontario, operates a state-of-the-art connected rail system that includes free passenger Wi-Fi, onboard infotainment, and fare collection and validation, with more innovations to come. And these are just a few examples.

A few notable trends are making digital transformation a priority for many transportation providers.

Commoditization. This phenomenon is nothing new. Twenty years ago PCs cost upwards of $5,000. Today price tags are a fraction with profits for PC manufacturers coming from software, services, subscriptions, and apps. Cell phone manufacturers have witnessed the same. We now see commoditization happening in the auto industry. So, who owns the road? As cars become increasingly software driven, automakers and software providers are both trying to claim the drivers’ seat. Drivers want their cars to behave like smart devices on wheels, the mobile-mobile. A study by PwC finds that profit models for auto manufacturers are shifting from product and feature functionality to software/services based on digital technologies.

Data is king. From data that tracks operator habits, or provides parking, dinner or music recommendations, to data that optimizes fleet management, ensuring trucks and their payloads arrive at their destinations in the most efficient way possible. Across the transportation sector there is growing recognition that data is valuable.

Tapping into telematics. As the cost for telematics declines, more transportation providers are able to use telematics to gain greater insights into fleets of vehicles, aircraft, ships, and railcars. Transportation providers that monitor sensors and make that data actionable will lead in this new digital era, increasing operational efficiencies, reliability, and safety. For example, by monitoring sensors that track equipment usage and wear, transportation providers can begin to anticipate when equipment is at greater risk of failure and be more proactive with maintenance.

Third-party interconnectivity. Planes, trains, automobiles – you name it – OEMs have always been part of the manufacturing supply chain. Now new partners are extending the supply chain as a data economy has emerged around the transportation sector. These partners buy, analyze, and sell data used to drive decision making related to sales, marketing, insurance, product development, and more.

Advertisement. Scroll to continue reading.

Transportation providers that are poised to take advantage of these trends can gain significantly. For example:

New and diversified revenue streams through selling connected car packages, revenue sharing with an ecosystem of service partners across the supply chain, or packaging data that can be monetized.

Operational efficiencies gained through predictive maintenance, fleet management, and asset optimization that extend asset life; increase uptime; improve safety; and reduce insurance, fuel, and maintenance costs.

Improved customer experience which is what today’s customers are evaluating and buying – the overall transportation package.

Transportation providers aren’t the only ones to gain from digital transformation. Consumers, communities, government, and the economy overall can benefit as well. But as I’ve discussed previously with respect to digital transformation in healthcare, energy, and manufacturing, it has to be done right – with security as a foundation.

We’ve all heard about the demonstrations of car hacking. Besides the serious safety risk, the cost in recalls and reputation from such an attack would severely damage a brand. Extended supply chains can increase security risk as well, as attackers look to a company’s partners for weaknesses in defenses. Transportation routes could also be disrupted by a cyber attack, adversely affecting the economy, potentially on a global scale.

To develop a strong security posture while capturing digital value, transportation providers need to ask themselves some important questions, including:

1. Where does security reside in my company? Security can’t be put into a silo and removed from the business decision making process. To be effective, a strong security team, represented by the CISO, must be part of the executive team and empowered to help make business decisions.

2. Do we have the necessary visibility to understand and manage third-party risk? As the number and types of partners, services and interactions with different companies along your supply chain expand, third-party security is increasingly important. To be able to trust the development efforts done by a myriad of groups, secure software development is paramount. All parties must engage in Secure Software Development Lifecycle, where security is built into development processes and testing and security assessments provide a high level of assurance.

3. Are we prioritizing our security investments appropriately? Threat modeling helps you understand the types of threats and level of exposure you face. With this knowledge you can align your security investments with business goals and create short- and long-term plans to strengthen your security posture.

Digital transformation isn’t going to happen overnight, but the transportation sector is well on its way. Security must go hand-in-hand with important business decisions. And, it must evolve as the business and threat landscape changes in order for transportation providers to move forward with confidence. With a focus on secure digital innovation, the entire transportation sector can create new strategies to capture value while improving safety, efficiency, reliability, and the customer experience.

Related: Learn More at SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.

Cybersecurity Funding

Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round,...


Siemens and Schneider Electric address nearly 100 vulnerabilities across several of their products with their February 2023 Patch Tuesday advisories.