The transport sector includes a variety of industries, including aviation, rail, road, and maritime transportation. All of these rely heavily on technology and interconnected systems to operate efficiently, making them vulnerable to cyber attacks.
The data and systems used by the transport sector include passenger information, cargo manifests, navigation systems, and control systems for vehicles and infrastructure.
The threats and threat actors relevant to the transport sector include state-sponsored hackers, hacktivists, and cyber criminals seeking financial gain or to disrupt operations. Some examples of high-profile attacks in this sector include the 2017 WannaCry ransomware attack, which disrupted operations at several UK hospitals and affected some airline and shipping companies, and the 2020 ransomware attack on the US-based Colonial Pipeline, which caused fuel shortages and price increases in the south-eastern United States.
Significant changes currently impacting the cyber resilience of the transport sector include the rise of smart cities and connected and autonomous vehicles. While these innovations offer new opportunities for efficiency and convenience, they also create new attack surfaces and security risks.
Relevant compliance requirements and guidance in this sector include the Civil Aviation Authority (CAA) cybersecurity guidance for aviation, the National Cyber Security Centre (NCSC) guidance for connected places, and the UK Government Cyber Security Strategy.
At AMR CyberSecurity, we offer a range of services designed to help the transport sector manage cyber security risks, including penetration testing, technical systems audit, certification and accreditation, compliance, risk management, security architecture, and threat intelligence.
Our approach is to work collaboratively with our customers to provide objective, independent guidance and knowledge transfer. We use a risk-based approach to identify and prioritise the most critical security risks, and we tailor our services to the specific needs of each customer.
We have extensive experience working with the transport sector and its suppliers, and we are thought leaders in our field. We stay up-to-date on the latest cyber security threats and trends, and use this knowledge to help our customers develop effective cyber security strategies.
AMR CyberSecurity is a trusted partner for cyber security services in the transport sector. Our accreditations, including CREST and NCSC CHECK, demonstrate our commitment to excellence in our field. We are also independently audited and certified to ISO 27001 for security, CE Plus for compliance, and ISO 9001 for quality management.
We are also on government-approved procurement frameworks, including G-Cloud and the Cyber Security Services 3 framework. We employ NCSC CCP certified consultants, and are committed to providing effective, robust, threat-led guidance to our customers in the transport sector and beyond.