ITS America president & CEO Shailen Bhatt has called on US lawmakers to create a "more robust national transportation cybersecurity strategy".
This "should see all cyber attacks as defendable, provided we make the necessary investments before they occur," he insisted.
In testimony to the Senate Environment and Public Works Committee’s Addressing Cybersecurity Vulnerabilities Facing Our Nation’s Physical Infrastructure hearing, he said: "Cyber-attacks on transportation are a growing concern worldwide."
"Given the ability to cause loss of life and inflict significant economic damage in a highly visible manner, cybersecurity attacks directed at those producing or operating technologies travelling over or connected to US roadways will intensify."
A report last year suggested that four in 10 US transit agencies have no plan to counter these incursions into their systems.
Bhatt added: "We must manage the vulnerabilities that come with a more complex and connected transportation system. We need to stop thinking of cybersecurity as something to add to our infrastructure.
"We need to fully integrate cybersecurity as part of our infrastructure and make intelligent transportation systems secure by design."
To achieve this, ITS America wants the US federal government to:
• Provide state, local, and other transportation agencies funding at up to 100% federal share, technical assistance, and best practices to improve their cyber defences
• Set up a DoT grant programme to help rural transportation agencies and areas of persistent poverty or income inequality modernise intelligent transportation systems
• Reimburse transportation entities that have been proactive and used state, local or other funding sources to modernise ITS and improve cyber defences
• Allow flexibility in how transportation funds are used to invest in future cybersecurity workforce capacity
“We fund safety programmes up to 100% federal share – we should give cybersecurity the same level of support,” Bhatt continued.
“State and local transportation agencies need resources to shore up their infrastructure.”
The strategy should include risk assessment and network security controls, with ITS America wanting transportation agencies to meet certain criteria determined by the National Institute of Standards and Technology and the Center for Internet Security.
The connectivity enabled by smart devices in transportation has opened up new risks.
“While advances have made the transportation system more connected than ever, this connectivity brings increased cyber risks – and these risks have the potential to threaten the economy, and people’s lives," Bhatt concludes.
“This is a critical opportunity. If we provide the necessary resources, we can level the playing field and create a more safe and secure transportation network."
