Page 25

Decentralised control of complex and interconnected networks, autonomous vehicles, and new technologies are making the IM industry vulnerable to “more cyber-attacks, more often, and potentially with more severe consequences”, according to the Cyber Security and Intelligence Mobility report. Additional pressures such as shortened timescales to push through products from development into public use also mean that basic security protocols are sometimes overlooked, leaving systems permeable to incursions via new, unsecured devices. Introducing sophisticated technologies in the form of predictive analytics, anomaly detection and Artificial Intelligence is not the whole solution, according to the report. What secure Intelligent Mobility requires is a robust strategy and cultural focus to tackle the £2.4m average annualised cost of cyber crime to transport companies in the UK. A recent report from the Institute of Directors echoes this sentiment. Although not exclusive to the transport industry, the findings concluded that while 95 per cent of more than 800 business leaders consider Cyber Security “very” or “quite” important to their business, almost 50 per cent have no formal security strategy. The TSC proposes a clear strategy gathered from an in-depth review of reports, white papers, policy documents and academic research, as well as interviews and workshops with key stakeholders and more than 70 thought leaders, setting out five critical steps. First and foremost, says Thirunavukkarasu, an Intelligent Mobility future needs security principles – that is “security by design, rather than as an afterthought”.“Many technological improvements can differentiate between an incident and a catastrophe. But a good security principle would be to analyse and understand those small incidents before they amass into something bigger. Small incidents can be a learning curve for knowing how to respond to more serious situations,” he says. The TSC’s remaining critical steps suggest adopting technology and research roadmaps for converging with other mobility technologies and “up-skilling” the mobility sector workforce by positioning Cyber Security as an essential skill. Transparent practices and knowledge-exchange across all domains is crucial, as Cyber Security is not limited to the automotive or aviation sectors, but relevant to all UK businesses. Finally, transport professionals must invest in innovative practices, such as advanced encryption techniques, advanced threat detection and high-security wireless communications. Close to 50 per cent of UK businesses have experienced a cyber attack in the last year, according to the 2017 Cyber Security Breaches Survey conducted by the UK government, which is accelerating investment in the cyber space domain, with £1.9bn of investment planned before 2021. The good news is that the UK is one of the world’s leading nations in terms of Cyber Security capability. Established clusters of expertise exist across the country, with many companies being spin-outs from government institutions such as GCHQ. Academic capability is also strong, facilitated through initiatives such as Cyber Security Centres of Excellence, and close ties between universities and government.“However, culture change must underpin all,” warns Thirunavukkarasu. “You can have the best Cyber Security experts, but if they are not able to channel their efforts into the transport industry or if a transport professional is not able to see that Cyber Security is a bigger issue, progress will be elusive.” The average annualised cost of cyber crime to transport companies in the UKPercentage of security and mobility professionals polled who identified autonomous vehicles as a key area of focus over the next 10 years£2.4 MILLION80% “AN INTELLIGENT MOBILITY FUTURE NEEDS SECURITY PRINCIPLES – THAT IS SECURITY BY DESIGN, RATHER THAN AS AN AFTERTHOUGHT” TSC TECHNOLOGIST ADITYA THIRUNAVUKKARASU CYBER SECURITYIMAGINE25