How Can The US Transportation Industry Stay Secure And Compliant in The Face of Rising Threats and Stricter Regulations?
Physical security is a top concern for the transportation industry, and it’s easy to see why. Taking that concern seriously, airports, seaports, railroads, and other transportation entities invest heavily in digital physical security devices. But more often than not, they don’t reap the full benefits of their physical security investments, due to difficulties in managing and maintaining those devices. This reality presents serious risks, including both physical security and cybersecurity dangers.
The need to protect travelers, workers, and the public at large is a serious one
The transportation industry has good reason to take security seriously. Key infrastructure such as airports, seaports, and railroads must be protected from a range of dangers, including terrorism, cyberattacks, other criminal activities, and more.
That challenge is particularly significant given the increase in travel that we’ve seen since the peak of the COVID-19 pandemic. Shedding light on the scale of that increase, data published by the U.S. Transportation Security Agency (TSA) shows that the average number of travelers passing through checkpoints each day has been higher this year (so far) than during the same period in 2019. As of March 23, 2023, TSA numbers show that 2,090,706 passengers have passed through checkpoints on an average day this year, as compared to 2,085,983 passengers during the same period in 2019.
Meanwhile, cybersecurity is a growing concern for the transportation industry, especially given the rise in state-sponsored cyberattacks in recent years. In 2022 alone, IBM estimated the cost of the transportation industry’s average data breach to be $3.59 million.
Highlighting the seriousness of this threat, TSA announced new cybersecurity requirements for railroad carriers late last year, followed by new requirements for the aviation industry this March. And speaking at a Senate hearing last November, Secretary of the Department of Homeland Security (DHS) Alejandro Mayorkas pointed to “the cybersecurity threat to ports” as the primary danger they face.
Those developments came after Russian-speaking hackers launched cyberattacks on U.S. airports’ websites last October, temporarily forcing over a dozen public-facing websites offline – including those of some of the largest airports in the United States.
In addition to preventing terrorism and cyberattacks, the transportation industry needs to actively prevent smuggling and other criminal activities. Given the huge volume of vehicles, people, goods, and raw materials that travel through major transportation hubs, this is an important and large-scale endeavor. U.S. Customs and Border Patrol has reported that on an average day in fiscal year 2022, it seized 2,895 pounds of drugs, $217,700 in illicit currency, and $8 million worth of items that violated intellectual property requirements.
How well do physical security devices meet the transportation industry’s needs?
To meet their security needs, airports, railway stations, seaports, and others invest heavily in physical security devices including IP cameras, access control panels, and a range of other technologies.
But as dependent as the transportation industry has become on those devices, in far too many cases they do not actually provide adequate security. Even worse, they can become an easy target for hackers, leaving the transportation industry exposed to serious cyber threats.
That’s because once these devices are purchased and installed, in most cases they are not operationally managed adequately – through no fault of their manufacturers, systems integrators, or physical security teams. This problem is not unique to the transportation industry, but it can be particularly risky within the large infrastructure of airports, seaports, and railroads. To quantify the scale of this problem, consider that in the average organization’s security environment:
- 4% of physical security devices get disconnected from their network at some point in a typical week.
- 6% of IP cameras get disconnected from their video management system at some point during a typical week.
- 8% of physical security devices are misconfigured.
- 15% of physical security devices in use are past their end of life, meaning that they are no longer supported by their manufacturers.
- 70% of physical security devices are running outdated firmware.
The status quo leaves the transportation industry exposed to major risks
Why are the gaps in the operational management of physical security devices so dangerous for the transportation industry? For starters, they increase the chance that a device will be offline when it’s really needed, such as during a violent attack. That’s exactly what happened during last year’s shooting incident at a Brooklyn subway station, as the nearby cameras were not working properly. And the risk has grown as travel has increased since the peak of the COVID-19 pandemic.
No less concerning is the cybersecurity vulnerability of inadequately managed physical security devices. Without being hardened and maintained properly, those devices can become a vector for hackers to carry out a data breach or cyberattack. For example, in 2021 a group of hackers was able to gain access to roughly 150,000 cameras belonging to video security startup Verkada. Underscoring this danger, Genetec has estimated that nearly 40% of security cameras have cybersecurity vulnerabilities as a result of using outdated firmware.
Also highlighting the risk that IoT devices (including physical security devices) can pose when necessary steps aren’t taken to protect them, the Biden-Harris Administration’s new National Cybersecurity Strategy document published this March notes that “many of the IoT devices deployed today are not sufficiently protected against cybersecurity threats.” That document even goes so far as to make improving the security of IoT devices one of its “strategic objectives.”
So, if inadequately managed physical security devices pose such danger, why doesn’t the transportation industry take the necessary steps to improve their operational management? The problem is that this is simply too massive and time-consuming of a task for most facilities such as airports, railroads, and seaports. These facilities can be massive, with huge numbers of physical security devices deployed throughout them. And it’s common for those fleets of security devices to include various device types, makes, and models.
Operationally managing all of those devices properly involves a range of processes, including:
- Password rotations
- Firmware upgrades
- Certificate management
- Monitoring devices to ensure they run consistently and securely
- Replacing devices that are past their end of life
Because most of the transportation industry still takes a manual approach to operationally managing all of those devices, the goal of managing them properly remains out of reach. As hard as physical security teams work to keep their devices running and protect them from cyber threats, they do not typically have the tools they need.
The transportation industry needs a more effective way of managing physical security devices
Given the risks that inadequately managed physical security devices pose to the transportation industry, how can airports, seaports, railway stations, and other entities manage those devices more effectively? How can they make sure their devices protect them from the risks of terrorism, smuggling, and other crimes – without leaving them vulnerable to cybercriminals?
To achieve those goals, the transportation industry needs to break out of the status quo. Simply hiring more people to manage physical security devices won’t offer the necessary reliability or cost-effectiveness.
Instead, the transportation industry needs to take an automated approach to operationally managing its physical security devices.
By automating the operational management of these security devices, transportation hubs can minimize the chances that a device could be offline when it’s really needed. At the same time, they can streamline the hardening and maintenance of their security devices, protecting them from cyber threats. As a result, this approach can improve both physical security and cybersecurity across the transportation industry – efficiently, cost-effectively, and reliably.
In short, unlike the status quo, an automated approach to operationally managing physical security devices offers the transportation industry a truly realistic way to seriously improve its overall security posture.
How has this automated approach already started helping parts of the transportation industry to manage their security devices? Check out this case study to discover how a major international airport has streamlined the operational management of its security devices with SecuriThings.