At September’s American Public Transit Association (APTA) Annual Meeting in Nashville, Conduent Transit Senior Director Phil Silver shared crucial cybersecurity advice to help attendees minimize the impact of cyberattacks and other incidents.
Approximately 1,700 public transportation executives attended APTA’s 2018 Annual Meeting, which included conference sessions on public transportation technology and mobility advances and associated safety and security concerns. Silver spoke at a roundtable session entitled "Anatomy of a Security Breach and the Vulnerabilities of Big Data" alongside other public transit leaders. This educational session focused on ways that transit sector organizations can mitigate cybersecurity risks. According to Silver, smart technologies such as digital devices, apps and the Internet of Things (IoT), “have opened the door to potential vulnerabilities that simply didn’t exist just a few short years ago.”
News of transit sector cyberattacks underscore the challenges transportation organizations face. In one California city, for example, a hacker attacked the regional transit website -- erasing data, disrupting bus and light rail schedules, and hindering access to the website and apps. And in Lodz, Poland, a 14-year-old managed to turn a TV remote control device into a train controller, which led to four vehicle derailments and 12 people injured.
Here are three key takeaways Conduent’s Silver shared at the APTA event:
1) Focus on IP device protection – to address security concerns and optimize performance for wireless LANs and cloud services.
2) Evaluate public key infrastructure (PKI) credential management – to incorporate strong authentication and digital signatures and improve security across servers, cloud services and devices on transportation sector networks.
3) Adopt well-vetted ‘defense-in-depth’ strategies -- to harden all devices against potential compromises, improve network defenses and situational awareness, and better control backups and system updates.
By implementing the right protections, transportation organizations will minimize the impact of cyberattacks and other security compromises. “Transportation organizations will reduce costs, along with the time and complexity required to deploy new devices, and they will also streamline their ongoing audit and compliance processes,” Silver explained.
With 50 years of transit sector expertise, Conduent is well-positioned to help. Conduent has developed and deployed innovative transportation solutions serving clients across all modes of transport, including tolling, public transit, public safety and parking. As a trusted partner, Conduent stands ready to help transportation organizations better protect their most valuable assets and information.