The world of transport is set to engage cybersecurity in a big way as it becomes more and more connected and part of the huge internet of everything (IoE) revenue opportunity. A report by ABI Research finds that roadways will account for $5 billion of cybersecurity spending by 2022, with aviation following closely at $3.9 billion and railways at $3.5 billion.
The huge roadway spend will come from the vehicle-to-anything (V2X) communications infrastructure used for self-driving and connected vehicles. This infrastructure enables cars to communicate with one another, the infrastructure and other road users. Constant communication is necessary to prevent accidents, so hacking or other failures could prove dire.
Potential security breaches range from malicious hacks to the failure of infrastructure. The so called ‘Petya’ cyberattack last month hit Danish shipping giant A.P. Moller-Maersk and German railway operator Deutsche Bahn (which was also a victim of May’s ‘WannaCry’ ransomware hack), causing significant disruption and delays.
Industrial control systems [ICS] are important to transportation systems, and connecting the operational technologies [OT] will require that stakeholders develop and implement cybersecurity technologies, according to ABI.
Michela Menting, Research Director for the firm, says that that while the transportation sector places heavy reliance on functional safety and physical security, the cyber protection of connected OT is currently inadequate and will require some significant work:
“The new generation of ICS is Internet-enabled, using commercial off-the-shelf software and leveraging a range of non-proprietary protocols. Transport stakeholders will have to implement digital security if they want to successfully realize the efficencies and cost savings that connected OT promises to deliver.”
To do so, Menting recommends forethought, planning and collaboration between cybersecurity experts and IT professionals, OT specialists, engineers, control system manufacturers and process operators within the modes, across the sectors, and with private and public stakeholders internationally.
As vendors become more involved in deploying cybersecurity alongside transport operators, policy is being developed worldwide, and cybersecurity is high on the agenda of international organizations like the UN, NATO, ISO, IEC, ICAO and IMO, which are actively engaged in updating international conventions and developing guidelines alongside a host of national agencies.
TM Forum’s Open Digital/IoE Steering Group identified a ‘roadmap of challenges’ for IoE, and ensuring security and privacy ranks highly.
“A key takeaway from the collaborative effort is that there’s no ‘end-game’ – no end state for IoE, no ultimate set of business or consumer products,” says Craig Bachmann, Senior Director, Open Digital Program, TM Forum. “Instead the three pillars of IoE – business models, market expectations and technical capabilities – keep changing. We need to understand and accept that this is how it is and how it’s going to be, then adjust our thinking and adapt.”
Monetizing IoE InFocus
By many estimates, there will be an estimated 50 billion devices connected to the internet in 2020, from trash cans to cars, lighting and refrigerators. IDC suggests that IoT market revenue will be $7.1 trillion by this time, and McKinsey predicts an annual $11.1 trillion in economic value by 2025.
TM Forum will host a Monetizing IoE InFocus event in Amsterdam in October, which will look not only at how best to overcome barriers to investment and monetize this burgeoning opportunity, but also at how to reduce the many risks.
The Forum is also tackling the growing challenges of managing security in the digital world through our collaborative work on improving and expanding digital trust capabilities to guarantee security, privacy and revenue management. We explore how to share responsibility across connected services. Find out more about what we’re doing and how to get involved.