Transportation Cybersecurity
Protecting Air, Rail, and Maritime Organizations From IT and OT Threats With a Single Solution
Fortinet is a Leader in the IT/OT Security Platform Navigator 2022Overview
As shipping, rail, and maritime firms embrace digital transformation (DX) to increase efficiencies and cost savings, it also raises the likelihood of attack on operational assets. The more connected the transportation industry becomes, the more cyber criminals will target it. In fact, all four of the largest shipping companies have now been victims of cyber attacks.
Digitization of the transportation and logistics process to support DX is greatly increasing the number of devices connecting to the control network and expanding the attack surface. These devices include IoT, passenger and staff BYOD, phones/tablets and sensors that monitor signals, digital signage, scanners, and gauges.
A successful attack on a transportation company can result in dire consequences, even cause bodily harm. It’s critical to protect the network and everything connected to it.
Fortinet provides a comprehensive solution for IT (information technology) and OT (operational technology) networks. We secure digital assets for transportation organizations by providing advanced visibility, control, and response capabilities. The Fortinet Security Fabric supports common security frameworks such as NIST with the ability to identify, protect, detect, respond, and recover.
The corporate IT network at transportation companies houses important data related to finance, intellectual property, human resources, product support, field support, scheduling, manifests, and more. As with other industries, air, rail, and shipping firms are increasingly reliant on cloud-based applications and infrastructure, and IoT devices are growing in number at the network edge.
Whatever sensitive data is housed there, the corporate infrastructure needs a broad, integrated, and automated cybersecurity solution with end-to-end integration. The Fortinet Security Fabric provides just such a solution, built on the foundation of FortiGate next-generation firewalls (NGFWs) and artificial intelligence (AI)-powered threat intelligence from FortiGuard Labs.
A wide array of Fortinet cybersecurity tools integrates seamlessly into the Security Fabric, along with dozens of third-party solutions delivered by Fabric Partners. And an open ecosystem and extensive application programming interface (API) tools make the integration of other third-party tools possible.
Connected Transportation Systems
Historically air-gapped OT systems are now (for the most part) connected to IT systems—and thus to the internet—for a variety of reasons. Digital transformation and the need for business agility are creating increasing co-dependence between IT and OT. From a cybersecurity perspective, the main result of this convergence is a greatly expanded attack surface. And since OT systems often have weak cybersecurity protection, this presents risk to an organization in the short term.
Securing onboard air/rail/vessel information systems and vessel and shipping networks requires securing spanning IT and OT.
- Onboard information systems require protection for access controls, passenger communications, Wi-Fi and infotainment, air/rail/vessel-to-ground communications, equipment management, and industrial control systems.Securing the vessel and shipping networks needs to include protection for shipboard systems like the ship control network, GPS and navigation, instrument network, and critical control systems.
There is great potential for combining IT and automation networks into a single, secure, manageable, and converged environment. To do this, cybersecurity teams must have:
- Centralized visibility into all systems
- The ability to segment the network according to business need
- Centralized control of both wired and wireless networks
The Fortinet Security Fabric covers the entire attack surface with a broad, integrated, and automated cybersecurity architecture that enhances cybersecurity and improves operational efficiency. Built on the foundation of FortiGate next-generation firewalls (NGFWs) and artificial intelligence (AI)-powered threat intelligence from FortiGuard Labs, the Security Fabric provides seamless integration with dozens of cybersecurity tools from Fortinet and Fabric Partners.
Secure Satellite Communications
In transportation and logistics, there is an increasing dependence on technology for data transfer between ground systems and aircraft, fleets, or rolling stock. Fortinet provides secure software-defined WAN (SD-WAN) built into FortiGate next-generation firewalls. This consolidation of security and networking enables easy-to-manage, safe connections to the internet, 3G/4G, or SATCOM links, making it a truly borderless infrastructure. It provides application visibility for encrypted traffic and smart load balancing, which helps to reduce WAN costs without impacting the SLA for business applications.
Improved Customer Experience
Air and rail customers expect to get where they need to go, retrieve their baggage, and travel safely. If a cybersecurity incident causes a system outage, passengers may be stranded, luggage may be lost, and customers will be unhappy. While on the airplane, train, or ship, safe and secure travel for passengers and the staff that serve them is important.
Regardless of location, customers expect easy, immediate, and automated access to travel schedules, order shipments, and costs. Engagement occurs through a variety of electronic means including mobile applications, websites, and self-service terminals. Providers also rely on the same types of electronic channels to communicate with customers and deliver real-time updates about situations that may jeopardize delivery. Securing web properties and customer interactions for data privacy is paramount to attracting and keeping customers.
The Fortinet Security Fabric extends security and continuous monitoring to connected systems supporting the entire passenger experience.
Third-party Vendor Management
As the industry expands digital transformation initiatives across the supply chain, third parties have more access than ever to corporate networks and OT systems. This complicates the notion of the trusted user and forces organizations to assess their protection against insider threats—including from third parties. Keeping track of each partner’s cybersecurity posture through regular vetting is critical. Organizations also need robust protection against insider threats, whether those threats are accidental or malicious, and whether they come from within the company or an element of the partner network.
The integrated solutions of the Fortinet Security Fabric provide a multilayered defense against insider threats. Intent-based segmentation capabilities in FortiGate NGFWs allow organizations to segment their network intelligently in a world of dynamic trust. FortiAuthenticator identity and access management and FortiToken tokens leverage that segmentation in granting access to users on a need-to-know basis. FortiInsight uses user and entity behavior analytics (UEBA) to identify anomalies in the expected behavior of trusted users and entities that might indicate a compromised account. And FortiDeceptor uses deception technology to deceive, expose, and eliminate attacks originating from internal and external sources.
Multi-cloud Cybersecurity
As with most other industries, transportation companies are moving data and applications to the cloud. Cloud-based solutions are routinely used for services that impact customer experience as well. Protecting cybersecurity for these assets is critical, meaning that an organization’s integrated cybersecurity architecture must extend from the data center to OT systems to multiple clouds.
The Fortinet Security Fabric enables broad, integrated, and automated protection for the multi-cloud environment, ensuring consistent policy management, configuration management, and threat detection and response across the entire attack surface. Our top-rated FortiGate NGFW is available as a virtual machine for public or private cloud environments. FortiWeb web application firewall (WAF), available in several form factors, protects the application layer with in-line, artificial intelligence (AI)-powered threat intelligence.
The FortiCASB cloud access cybersecurity broker (CASB) service provides insights into resources, users, behaviors, and data stored in the cloud with comprehensive reporting tools, and enables advanced policy controls to be extended to Infrastructure-as-a-Service (IaaS) resources and Software-as-a-Service (SaaS) applications. The FortiCWP cloud workload protection (CWP) tool enables cybersecurity and DevOps teams to evaluate their cloud configuration cybersecurity posture and identify potential threats resulting from misconfigurations.
Key Transportation Cybersecurity Challenges
Mitigating the transportation supply chain risks
The impact of successful attack on the transportation supply chain process can result in revenue loss and brand damage. Common supply chain risks include incorrect orders, delayed shipments, inventory loss, and unsecure sensitive information that support the supply chain workflow.
Customer Experience and Public Safety
Service interruptions caused by cyber threats can have a serious impact on customers, passengers, cargo, and employees who are reliant on critical infrastructure. Sabotage of operations that are carried out over the network can cause physical harm to onsite employees and even nearby residents. For example, a hacker can cause trains to derail.
Operational Efficiency
Lack of integration across the different cybersecurity elements and architectural fragmentation increase operational inefficiencies. Without integration, manual tasks such as correlating log reports from different systems and assembling compliance reports waste the time of highly-paid cybersecurity professionals and distract from more strategic work.
Architectural silos also create redundancies in management of applications, requiring a bigger set of specific product skills to be present on an overworked cybersecurity team. They can also result in higher software and hardware licensing costs that can significantly increase overall operational expenses.
Compliance
Transportation firms are subject to a wide variety of regulations and standards that vary depending on geography as well as the means of transportation. Penalties for noncompliance are sometimes high, but an even higher cost often comes from diminished brand reputation in the event of a breach.
Organizations must be able to demonstrate compliance with multiple regulations and standards without removing staff from strategic initiatives to prepare audit reports. Demonstrating compliance can be extremely difficult and time consuming with a disaggregated cybersecurity infrastructure.
Examples of regulations include:
- International Maritime Organization (IMO) 2020 regulation
- International Civil Aviation Organization (ICAO) air transport policy and regulations
- National Highway Traffic Safety Administration vehicle and related equipment regulations
- International Organization for Standardization (ISO) 27001
- International Electrotechnical Commission (IEC) 62443
Fortinet Differentiators for Transportation Cybersecurity
Flexible Integration, Including OT-specific Solutions
The Fortinet Security Fabric provides a single-vendor, end-to-end, integrated cybersecurity architecture across IT and OT, from protection to detection to response. This enables operational and cost efficiencies and improves protection against fast-moving threats. In addition to Fortinet tools, the Security Fabric enables integration with specialized OT solutions through the largest ecosystem of Fortinet Fabric Partners to streamline data into a single view for informed decision-making.
Cyber-physical Integration
The Fortinet Security Fabric enables manufacturing companies to consolidate networking, cybersecurity, and surveillance functions into a single pane of glass. Technologies like cameras and recorders, advanced threat protection, segmentation and authentication, and software-defined wide-area networking (SD-WAN) can be deployed as an integrated whole—with minimal hardware and license costs.
Insider Threat Protection
Insider threats—intentional or accidental—are a growing concern for manufacturers as more users have access to parts of the network. These users can include employees, third-party suppliers, marketing and sales partners, and more. Fortinet provides a comprehensive solution to guard against insider threats including robust intent-based segmentation, identity and access management, user and entity behavior analytics (UEBA), and deceptor technology to lure malicious attackers into identifying themselves.
OT-specific Threat Intelligence
OT systems have unique architectural characteristics and face OT-specific threats along with generic ones. With 15 years of experience in working with manufacturing customers, FortiGuard Labs provides robust, OT-specific threat intelligence to those who manage manufacturing systems. FortiGuard Labs also has nearly eight years of experience in using artificial intelligence (AI) to identify unknown threats.
