The European Commission yesterday (16 December 2020) published its Transport Cybersecurity Toolkit, a repository of tips and recommended practices to enhance cybersecurity and cyber-resilience in the transport sector.
With one in eight European businesses affected by cyberattacks in 2019, cybersecurity is becoming a growing concern for companies. Yet, many employees remain insufficiently aware of the risks, and their actions – for instance opening an unverified email attachment – may sometimes inadvertently open the door to attackers.
Against this background, the Transport Cybersecurity Toolkit aims at contributing to greater levels of cyber-awareness and cyber-hygiene, with a specific focus on the transport sector. It addresses transport organisations, regardless of their size and domain of activity.
Concretely, the toolkit contains basic information on four threats that may affect transport organisations: malware diffusion, denial of service, unauthorised access and theft, and software manipulation.
For each of those threats, the toolkit lists good mitigating practices, which are relevant for all transport staff, regardless of their occupation.
The toolkit also contains a more advanced level, which provides information that is particularly relevant for security and cybersecurity professionals in transport organisations. This advanced level is organised by transport mode: air, maritime and land. For each transport mode, the toolkit provides guidance on identifying, protecting, detecting and responding to cyber-threats.
The toolkit is aligned with other European Commission initiatives aimed at enhancing cybersecurity in Europe, such as the proposal for a Directive on measures for a high common level of cybersecurity across the Union and the EU’s Cybersecurity Strategy for the Digital Decade.