Industry Talk

Regular Industry Development Updates, Opinions and Talking Points relating to Manufacturing, the Supply Chain and Logistics.

TfL hit by cyberattack

TfL is the heartbeat of London commuting. With this comes an incentive for attackers to break through the barriers and cause severe disruption or access the treasure trove of personal data that it holds.

Like any large, complex organisation, TfL must be mindful of the gap in its cyber hygiene standards. Just like any other transport provider, it will operate a wide range of cyber-physical systems (CPS). Each one of these must be continuously monitored with visibility into all systems to quickly detect and mitigate threats.

The UK NIS regulations are key in ensuring vital systems are protected and policies are adhered to, and it is critical the proposed upcoming reforms minimise the gap to the European NIS2 regulations. Proactive security measures for public services are a must for reliable and safe amenities.

NIS2 calls for all businesses operating in the transport sector to improve CPS security via asset management and keeping real time inventories of what is on the network. The sector’s reliance on interconnected IT and OT technologies provides heightened risks. To address this, an integrated approach to security is key where there is visibility into cyber-physical systems in OT environments, as well as consistent IT security controls. Unified security governance across IT and OT is vital in building cyber resilience.