Transport firms lack skills to strengthen cyber defences

A study of 125 businesses across the transport industry has revealed that 64% think that their processes to combat cybersecurity threats could be stronger, and two thirds (66%) said more could be done to protect against data mishandling.

The survey by Inmarsat shows that despite recognising the enhanced security threats of Industrial IoT, just 38% have invested in new security technologies and only 39% have partnered with security specialists for assistance, indicating that not enough is being done to secure operations. One driver for this response is a lack of relevant skills, with 59% of respondents reporting that they lacked staff with cybersecurity skills to deliver their Industrial IoT deployments.

Commenting on the findings, Tara MacLachlan, Vice-President for Industrial IoT at Inmarsat Enterprise said: “While Industrial IoT presents immensely exciting possibilities for businesses across the transport and logistics sector, it also increases the risk that they will face cybersecurity issues, and our research suggests that they are unprepared for these risks.

“A network is only secure as its weakest point, and with Industrial IoT increasing the potential surface area for cyberattacks, transport businesses must ensure that they harden every element of their IoT deployments. Without secure Industrial IoT networks, businesses may leave themselves open to cyberattacks designed to cripple transport and logistics infrastructure, ransomware or industrial espionage.  

“Truly secure Industrial IoT deployments must have security built-in from the ground up. This must include secure access management, secure execution environments, enhanced data encryption, and smart validation and authentication between sensors, gateways, and the software orchestration platform.

“As we have seen from the results of this study, not every transport business has the skills or technology capabilities to ensure an IoT solution is secure from end-to-end. Businesses need to collaborate with specialist providers who can offer a fully managed IoT service that considers security at every stage, from the edge sensors, to the gateways and orchestration platforms, to the connectivity and networks themselves.”