NCHRP 20-59 (48)
2014 TRB ANNUAL MEETING
Effective Practices for the Protection of Transportation Infrastructure from Cyber Incidents
Dave Fletcher, Co-PIJanuary 15, 2014
2
Cyber Threats to Transportation
CASE, LLC and WMC, LLC
3
NCHRP 20-59 (48) Scope
Transit Control Systems
Transit Data Systems
HighwayControl Systems
HighwayData Systems
4
Research Plan
CASE, LLC and WMC, LLC
5
Cyber Security Primer Topics Section 1 - Risk Management Principles and
Enterprise Risk Management Approaches Section 2 – Risk Assessment, Surveys and Audits Section 3 – Plans and Strategies, Establishing
Priorities, Organizing Roles and Responsibilities Section 4 – Cyber Security Principles Section 5 – Transportation Infrastructure,
Protection of Operational and Information Systems Section 6 – Training, Building a Culture of Cyber
Security Section 7 – Security Programs, Available
Resources, Support Frameworks
CASE, LLC and WMC, LLC
6
Cyber Security in Transportation Survey Scanning survey to
Raise awareness of cyber issues Baseline sector cyber security maturity Identify “best practice” organizations
Paper or digital version 850 invitations to DOTs, Transit,
SCOTSEM, AASHTO, other stakeholders 90+ responses (11% return)
CASE, LLC and WMC, LLC
7
Survey Objectives
C.A.S.E. LLC and Western Consulting LLC
How serious a problem do respondents perceive cyber security to be?
How serious of a problem has cyber security been in the transportation industry to-date?
What are the quantity and depth of resources (i.e., skills, dollars, training time. etc.) being applied to these problems?
Is this investment sufficient, given all the other things that need attention?
8
Preliminary Findings
C.A.S.E. LLC and Western Consulting LLC
Most respondents are aware of cyber-threats and vulnerabilities but rank them as moderate to low.
Most respondents assess risk to control systems as less than risk to data systems
Line-of-business managers see security as an IT issue
Top 3 threat vectors believed to be natural disasters, criminal behaviors of outsiders and/or the loss of critical related services
Almost no respondent reported cyber security events
9
Preliminary Findings
C.A.S.E. LLC and Western Consulting LLC
Security responses driven by desire to reduce or avoid service interruption, loss of life and property damage
Although most reported cyber readiness as good or better, only 20% had a current and tested Continuity of Operations or Disaster Recovery Plan
2 of 3 indicated implementing some “best practices” but 3 of 4 unfamiliar w/ national standards
10
Thank You
Please contact Ernest “Ron” Frazier, Co-Principal Investigator Countermeasures Assessment and Security Experts, LLC
(CASE™)Phone: [email protected]
Dave Fletcher, Co-Principal InvestigatorWestern Management and Consulting, LLCPhone Number: [email protected]
Jeffrey Western, Administrative OfficerWestern Management and Consulting, LLCPhone Number: [email protected]
CASE, LLC and WMC, LLC