A recent study from the Mineta Transportation Institute (MTI) found that only 60% of transportation agencies have a cybersecurity program, and 43% believe the program is inadequate. With technology as the future of transportation and cyberattacks on the rise for government entities, that’s concerning. It’s time to be proactive.
Later is too late
Like insurance, if you don’t have cybersecurity in place before an attack occurs then the damage is already done. Attacks are random and can use various methods, but without security, your agency’s risk is significantly elevated. Hackers often try to break into several systems, simply looking for an open door. Without security, your agency is most likely to get hit, and in the process you could lose money, valuable data, control of your systems, or all of the above.
More than your agency’s data is at risk
The Department of Homeland Security classifies transportation as one sector that, when breached, can become a national security risk. You don’t want to be the agency that allows that threat in. Additionally, because of the high risk and the findings from their study, the researching team at MTI recommended the Federal Transit Administration (FTA) require a minimum level of cybersecurity for agencies to receive funding. If that comes to fruition, your agency must acquire a security program anyway.
There is also a more local threat: the safety and livelihood of your traveling population. Transportation agencies often use IoT technology to control traffic safety measures. If a transportation system was breached, hackers would have access to tools such as Dynamic Message Signs and traffic signals. The implications of that could include fatal crashes and citizen panic, depending on how it was used.
What you need to do now
The most important thing is to develop a plan and begin enacting cybersecurity measures. So, where do you start?