Security News > 2023 > February > Inadequate cybersecurity investments leave rail industry at risk
The popular notion might view the rail industry as a laggard compared to auto or high-tech manufacturing when embracing Industry 4.0.
Rail industry needs to work closely with cybersecurity vendors.
ABI Research forecasts that OT and IoT spending in the rail industry between 2022 and 2027 represents an average of 7.65% of total cybersecurity spending in the sector and is set to hit $300 million globally by 2027.
"This is in line with overall average levels of 3-5% OT cybersecurity spending in the industrial sector. Still, the rail sector's high level of OT-IT convergence and the extended nature of its networks mean that more precautions should be taken to maintain OT integrity. Exclusively relying on average OT cybersecurity spending growth is not enough to ensure secure networks, especially given the sector's OT spending was globally a meager $123 million in 2022," explains Michael Amiri, Senior Industrial Cybersecurity Analyst at ABI Research.
"Coupled with increasing reliance on third-party systems in the rail supply chain that increases potential breaches through the sector's expansive network, rail cybersecurity vendors could experience an expanding market environment in upcoming years. This means market forecasts should be viewed conservatively, as the impact of future regulation on spending trends is difficult to factor in. Much will depend on whether new regulation is backed by financial penalties, which go a long way in driving compliance," Amiri says.
"The rail industry is a high-value target for malicious actors, both financially and symbolically. The symbolic status of the industry, coupled with the confluence of both IT and OT systems in the sector, provides opportunities for blackmail, state-sponsored attacks, or to bring attention to socio-political causes. This means both state-endorsed criminals and non-state actors have targeted the rail and transit sector in the past and will continue to do so" Amiri concludes.
News URL
https://www.helpnetsecurity.com/2023/02/09/rail-industry-cybersecurity-spending/