Cyber risk in the transportation sector – an evolving threat

Recent system outages at major U.S. airlines have caused significant business interruption and highlighted the growing risks of cyber threats to business operations.  But it’s not just airlines that are under threat. According to the 2016 Willis Towers Watson Transportation Risk Index, industry executives surveyed for the study cited cyber risk and data privacy issues as the single biggest aggregate threat across all sectors of the industry including air, sea and land. While network connectivity creates great opportunity, it also carries operational, privacy, and network security issues that organizations must take into account.

Key cyber risks affecting the transportation industry

Read the entire client alert about the transportation industry's cyber risks

Read the entire client alert about the transportation industry’s cyber risks

Traditionally, cyber risk has been primarily viewed in the context of data privacy. Confidential information and corporate espionage are two significant concerns. Beyond data privacy risks, in recent years there has been an unprecedented increase across the transportation industry in using networks and technology for many critical operations. These networks often involve both direct and indirect partners, leading many transport organizations to underestimate their reliance on functioning networks to carry out core business activities. Cyber-attack can potentially ground an entire fleet of aircraft, disable central navigation controls or interrupt transport guidance systems.

Cyber incidents must now be viewed alongside natural disasters, political events and other external risk factors as being capable of significantly affecting business activities, often for an extended period.

What can companies do?


Developing a crisis management plan to effectively respond to a network incident can greatly minimize the organizational impact of a cyber-attack.


Understanding the diversity of these threats, and the operational consequences of network outages, is now a key part of an organization’s enterprise risk management. Each company must identify its critical assets and operations, then develop a comprehensive strategy to respond to potential threats.


Quantifying the operational costs of a system outage, as well as the costs incurred in responding to an event and restoring critical network access, can equip transportation companies with valuable data to make contingency planning and minimize financial disruption.


Insurance programs can also assist in providing coverage for system failures, data breaches and bodily injury or property damage. The insurance industry is evolving quickly to meet the unique demands presented by cyber risk in the transportation industry, and new products are continually being developed that provide balance-sheet protection for companies having to respond to ever-changing threats.

Across air, sea and land transportation, competition and rapidly evolving markets will continue to increase the role of technology in daily operations. Companies must adapt to this new environment and ensure that diverse cyber threats are identified, quantified and mitigated across their organization.

About Dominic Keller

Dominic Keller is a Vice President of Willis Towers Watson’s FINEX Cyber and E&O team. Based in San Francisco…
Categories: Aerospace, Cyber Risk | Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *