Ensuring that the Transit Industry and Their Vendors are Aligned to Face the Increasing Cybersecurity Challenges. Recommendations for Quickly Identifying and Addressing Challenges
Cyber-attacks are inevitable. Fortunately, agencies and their vendor partners can take action to help protect themselves from attacks and to prepare for any breaches that do occur, thus ensuring the critical transportation systems of our nation continue running smoothly and safely. The U.S. Department of Homeland Security (DHS) designated the Transportation System Sector as one of 16 critical infrastructure sectors, whose disruption would have a debilitating effect on our nation’s security. And yet, ransomware, data breaches, business email compromise and other cyber threats are on the rise throughout the country. In parallel there is an enormous amount of data flowing among vehicles, systems and vendors employed throughout the public transit industry, making the transit industry especially vulnerable to cyber-attack. The intent of this study is to help public transit agencies understand the cybersecurity risks posed by the role some of their vendors play in their systems, and align the interests of the vendors with those of the agency to better understand, mitigate, and respond to cybersecurity threats. This study will review the state of best practices in supply chain cybersecurity among other industries; review the state of cybersecurity best practices in supply chain management among public transit agencies; outline modern cybersecurity operations among public transit vendors; further assess U.S. policy on cybersecurity in public transportation and potential changes from the new Administration and in response to SolarWinds; and provide operational recommendations for public transit operators and their supply chain of vendors to enhance their cyber risk management.
Language
- English
Project
- Status: Active
- Funding: $81548
-
Contract Numbers:
69A3551747127
-
Sponsor Organizations:
Office of the Assistant Secretary for Research and Technology
University Transportation Centers Program
Department of Transportation
Washington, DC United States 20590 -
Managing Organizations:
Office of the Assistant Secretary for Research and Technology
University Transportation Centers Program
Department of Transportation
Washington, DC United States 20590 -
Performing Organizations:
Mineta Consortium for Transportation Mobility
San Jose State University
San Jose, CA United States 95112 -
Principal Investigators:
Belcher, Scott
- Start Date: 20210315
- Expected Completion Date: 20211231
- Actual Completion Date: 0
- USDOT Program: University Transportation Centers
Subject/Index Terms
- TRT Terms: Best practices; Computer security; Public transit; Recommendations; Risk management; Supply chain management; Transit operating agencies
- Subject Areas: Data and Information Technology; Public Transportation; Security and Emergencies;
Filing Info
- Accession Number: 01767041
- Record Type: Research project
- Source Agency: Mineta Consortium for Transportation Mobility
- Contract Numbers: 69A3551747127
- Files: UTC, RIP
- Created Date: Mar 16 2021 12:29PM