The popular notion might view the rail industry as a laggard compared to auto or high-tech manufacturing when embracing Industry 4.0. Yet railways are increasingly dependent on sophisticated connected systems to enhance efficiency and customer satisfaction. With the advent of connected online systems and the convergence of Operational Technology (OT) and Information Technology (IT) systems, network and data-sharing security between IT and OT systems is proceeding to become an integral component of safety, providing new market opportunities in the rail, freight, and transit sector. Yet this also increases complexity, inter-connectedness, and cyberattacks if security measures are not taken to secure data flows between the two environments.
ABI Research, a global technology intelligence firm, forecasts that OT and IoT spending in rail between 2022 and 2027 represents an average of 7.65% of total cybersecurity spending in the sector and is set to hit US$300 million globally by 2027.
“This is in line with overall average levels of 3-5% OT cybersecurity spending in the industrial sector. Still, the rail sector’s high level of OT-IT convergence and the extended nature of its networks mean that more precautions should be taken to maintain OT integrity. Exclusively relying on average OT cybersecurity spending growth is not enough to ensure secure networks, especially given the sector’s OT spending was globally a meager US$123 million in 2022,” explains Michael Amiri, Senior Industrial Cybersecurity Analyst at ABI Research. “The disparity indicates higher OT cybersecurity risks in the future if rail operators do not increase OT security budgets.”
Amiri stresses that, considering geopolitical tensions and hacker operations, rail organizations should actively engage with cybersecurity vendors to find tailored solutions for vulnerabilities in their vast ecosystem rather than wait for relevant solutions to emerge.
OT and IoT cybersecurity spending could experience a boost through evolving regulatory requirements like the EU’s new NIS 2 Directive or the U.S. Rail Cybersecurity Mitigation Actions and Testing Directive, issued back in October 2022. “Coupled with increasing reliance on third-party systems in the rail supply chain that increases potential breaches through the sector’s expansive network, rail cybersecurity vendors could experience an expanding market environment in upcoming years. This means market forecasts should be viewed conservatively, as the impact of future regulation on spending trends is difficult to factor in. Much will depend on whether new regulation is backed by financial penalties, which go a long way in driving compliance,” Amiri says.
“As infrastructure threats make the headlines more frequently, investment in OT security will see increasing capital flows. These attacks, alongside new regulatory requirements, are hard to incorporate into mathematical models of industry growth, but will lead to spikes in security spending,” he adds.
The secure management of data flows is an integral part of OT security. This means securing data flows between OT and IT environments from cybercriminals is key to securing OT-IT convergence in the sector. Rail operators must manage up to thousands of miles of track and other rail resources. An effective asset management system that requires OT-IT convergence and monitoring train systems at its core is the most efficient method to maintain asset health. Vendors, such as Activu provide visibility software solutions that remove communication and collaboration barriers between IT and OT environments, creating a seamless and ordered view of real-time visual information on both networks. Siemens’ Data Capture Unit builds a secure OT-IT bridge, ensuring that critical networks remain physically isolated. Tenable allows organizations to identify assets and communicate risks while enabling IT and OT teams to work better together. Tenable’s OT solution is fully integrated with leading IT security vendors to create a secure trust ecosystem. Vendors specializing in OT cybersecurity, like Radiflow, offer solutions specifically designed to avoid infiltrating OT systems by detecting abnormal behaviors that indicate breach attempts and changes to various Industrial Control System components.
“The rail industry is a high-value target for malicious actors, both financially and symbolically. The symbolic status of the industry, coupled with the confluence of both IT and OT systems in the sector, provides opportunities for blackmail, state-sponsored attacks, or to bring attention to socio-political causes. This means both state-endorsed criminals and non-state actors have targeted the rail and transit sector in the past and will continue to do so” Amiri concludes.
These findings are from ABI Research’s OT-IT Convergence in the Rail Industry: Securing Data Flows as Key to Security application analysis report. This report is part of the company’s IoT Cybersecurity research service, which includes research, data, and analyst insights. Based on extensive primary interviews, Application Analysis reports present an in-depth analysis of key market trends and factors for a specific technology.