Railway cybersecurity must never be taken lightly

Posted on March 7, 2018 by - Also by this author

This short news item about cybersecurity will surprise you. It’s easy to shrug it off, but it does make the point that cracking an organization’s cyber defenses doesn’t always take a sophisticated hack by a foreign government or crime syndicate. Many security breaches are traced back to human error, from lack of compliance with security policies to configuration errors. Even the best-trained staff can be overwhelmed by the sheer volume of daily alerts that need to be tackled. However, automation makes execution of repeatable actions without human intervention and orchestration chains possible, speeding up the investigation and mitigation of incidents.

Cracking an organization’s cyber defenses doesn’t always take a sophisticated hack by a foreign government or crime syndicate.

Cybersecurity is a growing issue for many railway operators as they adopt IP-based network technologies to deliver broadband coverage onboard and for mission-critical train control systems. That’s because these networks tend to be more open and more interconnected. The more parts of a railway communication infrastructure exposed to the internet, the more vulnerabilities might arise. Besides, there is a massive cybersecurity skillset shortage globally, rendering human-centric and manually intensive incident response strategies insufficient.

Consequently, railway communications security must be stepped up. Key capabilities to efficiently protect networks include:

  • Security automation that encompasses business processes.
  • Incident response plans.
  • Regulations and policies.
  • End-to-end security that encompasses network operations and processes.
  • Security analytics to correlate security-related information from across the network.
  • Devices and cloud layers to spot suspicious anomalies and provide insight into threats.
  • Multiple layers of encryption to protect network traffic.

Adding machine learning to the mix enables organizations to identify potential compromises by using threat intelligence information across the network, device, and cloud layers. Such a multi-layered and active defense-in-depth approach provides the right balance of costs with the protection needed to defend against today’s security threats.

The risks are hard to understate. In the U.S., cybersecurity is a serious economic and national threat with the U.S. Computer Emergency Readiness Team (US-CERT) creating a framework to support the protection of critical infrastructure. In Europe, the EU has proposed a cybersecurity strategy outlining its vision, clarifying roles and responsibilities, and defining actions required to protect citizens. In Asia, some governments have established national cybersecurity policies.

So, it’s only natural that railway operators need to deploy equally serious protection measures. Organizations must focus on

  • Detecting and mitigating new threats,
  • Reducing the vulnerable surface area,
  • Improving analytics to correlate data from multiple domains and to help identify suspicious, malicious, or inadvertent anomalies.

Combining threat intelligence data and security analytics makes it possible to detect threats and prescribe the appropriate response more effectively, providing strategic mitigation to strategic threats.

This way operators not only protect themselves against potential loss of revenue and the high costs of service restoration and passenger compensation, but they can build their brand as an operator that helps their passengers to spend worry-free, secure time onboard.

Karsten Oberle is Global Practice Lead within Transportation Sales in the Nokia TEPS (Transportation, Energy, and Public Sector) Division. To view a video about Nokia's cybersecurity for rail, click here

View comments or post a comment on this story. (0 Comments)

More Transit Dispatches Blog Posts

April 24, 2018

Amid Automation Trend, Here's Why We Still Need Bus Drivers

The driverless option will severely impact the four million commercial drivers working in the U.S., according to a 2014 Goldman Sachs report. These figures suggest the loss of 25,000 jobs per month during the height of the autonomous vehicles saturation into the industry.

April 17, 2018

Transit Facility Center Gives Help, Hope to Those 'With Nowhere to Go'

Transit facilities — train stations, bus depots and transportation centers — are often the shelter of choice for people experiencing homelessness, especially when weather conditions make it too dangerous to stay outside.

April 11, 2018

Mass Transit Must Integrate Data, Tech to Be Part of Mobility Landscape

Startups and legacy industries are harnessing big data to transform and revolutionize the ways their services are offered. Among the sectors sitting on the richest mines of data is public transportation, with municipalities and service providers boasting decades of data on urban transportation and mobility.

March 27, 2018

Public Transit Needs a Voice in Automated/Autonomous Vehicle Regulatory Talks

This technology will forever change transportation on a local level and national scale; the time is ripe for public transit agencies and OEMs to be more visible in shaping the outcome of these discussions, regulations, and laws.

March 22, 2018

Lyft and Uber Can Save Transit — if Transit Gets on Board

Bad news for transit keeps rolling in. Transit ridership declined in 34 of the 40 largest metropolitan areas over the past three years. While ridership routinely fluctuates in response to economic upturns and downturns and other trends, this decline seems more profound.

See More

Post a Comment

Post Comment

Comments (0)

More From The World's Largest Fleet Publisher

Automotive Fleet

The Car and truck fleet and leasing management magazine

Business Fleet

managing 10-50 company vehicles

Fleet Financials

Executive vehicle management

Government Fleet

managing public sector vehicles & equipment

TruckingInfo.com

THE COMMERCIAL TRUCK INDUSTRY’S MOST IN-DEPTH INFORMATION SOURCE

Work Truck Magazine

The number 1 resource for vocational truck fleets

Schoolbus Fleet

Serving school transportation professionals in the U.S. and Canada

LCT Magazine

Global Resource For Limousine and Bus Transportation

Please sign in or register to .    Close