The transport sector includes a variety of industries, including aviation, rail, road, and maritime transportation. All of these rely heavily on technology and interconnected systems to operate efficiently, making them vulnerable to cyber attacks.
The data and systems used by the transport sector include passenger information, cargo manifests, navigation systems, and control systems for vehicles and infrastructure.
The threats and threat actors relevant to the transport sector include state-sponsored hackers, hacktivists, and cyber criminals seeking financial gain or to disrupt operations. Some examples of high profile attacks in this sector include:
- The 2020 ransomware attack on the US-based Colonial Pipeline, which caused fuel shortages and price increases in the south-eastern United States.
- DP World, an international logistics organisation, were attacked in November 2023, by an undisclosed group. The attack caused disruption to its land-side operations in Australia at five ports, leaving over 30,000 shipping containers disrupted, having secondary effects on multiple supply chains across the globe.
Significant changes currently impacting the cyber resilience of the transport sector include the rise of smart cities and connected and autonomous vehicles. While these innovations offer new opportunities for efficiency and convenience, they also create new attack surfaces and security risks.
Relevant compliance requirements and guidance in this sector include the Civil Aviation Authority (CAA) cybersecurity guidance for aviation, the National Cyber Security Centre (NCSC) guidance for connected places, and the UK Government Cyber Security Strategy.
How We Can Help
At AMR CyberSecurity, we offer a range of services designed to help the transport sector manage cyber security risks, including penetration testing, technical systems audit, certification and accreditation, compliance, risk management, security architecture, and threat intelligence.
Our approach is to work collaboratively with our customers to provide objective, independent guidance and knowledge transfer. We use a risk-based approach to identify and prioritise the most critical security risks, and we tailor our services to the specific needs of each customer.
We have extensive experience working with the transport sector and its suppliers, and we are thought leaders in our field. We stay up-to-date on the latest cyber security threats and trends, and use this knowledge to help our customers develop effective cyber security strategies.
Why AMR CyberSecurity
AMR CyberSecurity is a trusted partner for cyber security services in the transport sector. Our accreditations, including CREST and NCSC CHECK, demonstrate our commitment to excellence in our field. We are also independently audited and certified to ISO 27001 for security, CE Plus for compliance, and ISO 9001 for quality management.
We are also on government-approved procurement frameworks, including G-Cloud and the Cyber Security Services 3 framework. We employ NCSC CCP certified consultants, and are committed to providing effective, robust, threat-led guidance to our customers in the transport sector and beyond.
