Cyber risk and insurance for transportation infrastructure

Tonn, Gina; Kesan, Jay P.; Zhang, Linfeng; Czajkowski, Jeffrey

doi:10.1016/j.tranpol.2019.04.019

Cited by 33 publications

(23 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Oftentimes, academic and practitioner discussions of cyber insurance instead focus on data breach, possibly due to the availability of the Privacy Rights Clearinghouse curated data set on breaches, which has been used in several papers (e.g. Carfora et al 2019;Tonn et al 2019;Eling and Loperfido 2017;Edwards et al 2015). However, business interruption and data breach are both important in their own right.…”

Section: Introductionmentioning

confidence: 99%

IT service outage cost: case study and implications for cyber insurance

Franke

2020

Geneva Pap Risk Insur Issues Pract

View full text Add to dashboard Cite

Today, almost all enterprises are highly dependent on IT services. Thus, high availability IT services and the cost of downtime have received a lot of attention in recent years. One increasingly used tool for cyber risk management and transfer is cyber insurance, which typically offers some form of business interruption coverage. However, cost structures of IT service outages are still poorly understood, as costs are often just reported as lump sums. This article contributes a multiple case study of IT service outage cost in three sectors in Sweden: transport companies (N = 11), food companies (N = 9), and government agencies (N = 19). The contribution is three-fold: (i) the measurement instrument itself, (ii) the insights into different cost structures gained, and (iii) the implications of different cost structures on availability investment strategies. Main findings include that whereas some enterprises incur only fixed outage cost, some incur (almost) only lost productivity, and some incur almost only lost revenue. In the public sector, lost revenue is often negligible. The results are further contextualized by a discussion of cyber insurance implications.

show abstract

Section: Introductionmentioning

confidence: 99%

IT service outage cost: case study and implications for cyber insurance

Franke

2020

Geneva Pap Risk Insur Issues Pract

View full text Add to dashboard Cite

show abstract

“…16:1 j) dysfunction of the security equipment enabling the prevention of collisions of vehicles or their fire. Gina Tonn, Jay P. Kesan, Jeff Czajkowski and Linfeng Zhang 55 present the following general ways to prevent cyber damage: a) development of methods that will improve the system architecture and activities, b) operating methods involving changes in business transactions, c) countermeasures, including the acquisition of security software, the design of the system, the improvement of the course of operations and investment in the cybersecurity workforce, d) security measures including firewalls, encryption software, a virus detection system, and the division of the system into several parts. As another possible breakdown of cyber risk management measures, they 56 state the division into: a) institutional measures (software and hardware), b) procedural measures (management systems and operating systems), c) responsive measures (response and damage management after a security incident has been detected).…”

Section: Definition Of Cyber Risks In International Transportmentioning

confidence: 99%

Insurance of Cyber Risks in International Transport

Dobiáš

2022

MUJLT

View full text Add to dashboard Cite

The international transport of goods, passengers and luggage is recently facing the threat of cyberattacks. The article is focused on the analysis of the possible cyber risks in the field of the international transport and their management created by the international governmental and non-governmental organisations. The international regulation of the cybersecurity has only recommendatory character and will be subject to future development. That’s the reason why should carriers pay greater attention to all possible cyber security measures. As the instrument of the reduction and mitigation of cyber risks could be used cyber-insurance. The insurance companies are offering insurance cover mainlyon individual base corresponding to the extent of protection required by the policyholder.

show abstract

“…According to the Symantec 2018 threat report, 21 the rate of email-borne malware was 1 in 486, the email malware rate was 11.5% and the spam rate was 53.9% in the transportation sector. Tonn et al 22 analyzed cyber incident data for the transportation sector using data from Advisen, 23 a leading quality data provider. They list 214 cybersecurity incidents and discuss the trend of cyber risk in the transportation industry ( Figure 3).…”

Section: Statistics Of Cybersecurity Incidents In CI and Railmentioning

confidence: 99%

“…Timeline of incidents related to the transportation infrastructure. Source: Adapted from Tonn et al 22 Cybersecurity incidents statistics from IBM 25 show the transportation sector has been affected by various types of cyber-attacks: SQLi, DDoS, Watering Hole, XSS, Malware, Brute Force, Misconfig, Phishing, and undisclosed ( Figure 6). Malware attacks pose the most significant threat, representing 30% (21/69) of the total.…”

Section: Statistics Of Cybersecurity Incidents In CI and Railmentioning

confidence: 99%

eMaintenance in railways: Issues and challenges in cybersecurity

Kour

Al-Jumaili

Karim

et al. 2019

Proceedings of the Institution of Mechanical Engineers, Part F:

View full text Add to dashboard Cite

The convergence of information technology and operation technology and the associated paradigm shift toward Industry 4.0 in complex systems, such as railways has brought significant benefits in reliability, maintainability, operational efficiency, capacity, as well as improvements in passenger experience. However, with the adoption of information and communications technologies in railway maintenance, vulnerability to cyber threats has increased. It is essential that organizations move toward security analytics and automation to improve and prevent security breaches and to quickly identify and respond to security events. This paper provides a statistical review of cybersecurity incidents in the transportation sector with a focus on railways. It uses a web-based search for data collection in popular databases. The overall objective is to identify cybersecurity challenges in the railway sector.

show abstract

Cyber risk and insurance for transportation infrastructure

Cited by 33 publications

References 17 publications

IT service outage cost: case study and implications for cyber insurance

IT service outage cost: case study and implications for cyber insurance

Insurance of Cyber Risks in International Transport

eMaintenance in railways: Issues and challenges in cybersecurity

Contact Info

Product

Resources

About