Cyber risk and insurance for transportation infrastructure. (July 2019)
- Record Type:
- Journal Article
- Title:
- Cyber risk and insurance for transportation infrastructure. (July 2019)
- Main Title:
- Cyber risk and insurance for transportation infrastructure
- Authors:
- Tonn, Gina
Kesan, Jay P.
Zhang, Linfeng
Czajkowski, Jeffrey - Abstract:
- Abstract: While advances in information technology and interconnectivity have improved efficiency for transportation infrastructure, they have also created higher risk associated with cyber systems. The objective of this study is to inform transportation policy and management in the U.S. by identifying barriers to a robust cyber insurance market and improved cyber resilience for transportation infrastructure. This is accomplished through a mixed-methods approach involving analysis of U.S. cyber incident data for transportation systems and a series of interviews with transportation infrastructure managers and insurers. Contributions include new insights into the nature of cyber risk for transportation infrastructure and recommendations on research needs to improve cyber risk management and insurance. Results indicate that the annual number of transport-related companies affected by cyber incidents and the associated costs are on the rise. The most common incidents involve data breaches, while incidents involving privacy violation have the highest average loss per incident. Cyber risk assessment, mitigation and security measures, and insurance are being implemented to varying degrees in transportation infrastructure systems but are generally inadequate. Infrastructure managers do not currently have the tools to rigorously assess and manage cyber risk. Limited data and models also inhibit the accurate modeling of cyber risk for insurance purposes. Even after improved tools andAbstract: While advances in information technology and interconnectivity have improved efficiency for transportation infrastructure, they have also created higher risk associated with cyber systems. The objective of this study is to inform transportation policy and management in the U.S. by identifying barriers to a robust cyber insurance market and improved cyber resilience for transportation infrastructure. This is accomplished through a mixed-methods approach involving analysis of U.S. cyber incident data for transportation systems and a series of interviews with transportation infrastructure managers and insurers. Contributions include new insights into the nature of cyber risk for transportation infrastructure and recommendations on research needs to improve cyber risk management and insurance. Results indicate that the annual number of transport-related companies affected by cyber incidents and the associated costs are on the rise. The most common incidents involve data breaches, while incidents involving privacy violation have the highest average loss per incident. Cyber risk assessment, mitigation and security measures, and insurance are being implemented to varying degrees in transportation infrastructure systems but are generally inadequate. Infrastructure managers do not currently have the tools to rigorously assess and manage cyber risk. Limited data and models also inhibit the accurate modeling of cyber risk for insurance purposes. Even after improved tools and modeling are developed, insurance purchase can be an important risk management strategy to allow transportation infrastructure systems to recover from cyber incidents. Highlights: Annual number and cost of cyber incidents are on the rise for transportation systems. The most common incidents involve data breach. Unintentional data disclosure incidents have the highest average loss. Cyber risk assessment, mitigation measures, and insurance are generally lacking. Further research on cyber risk models, metrics, biases, and insurance is needed. … (more)
- Is Part Of:
- Transport policy. Volume 79(2019)
- Journal:
- Transport policy
- Issue:
- Volume 79(2019)
- Issue Display:
- Volume 79, Issue 2019 (2019)
- Year:
- 2019
- Volume:
- 79
- Issue:
- 2019
- Issue Sort Value:
- 2019-0079-2019-0000
- Page Start:
- 103
- Page End:
- 114
- Publication Date:
- 2019-07
- Subjects:
- Cyber insurance -- Cybersecurity -- Transportation infrastructure
Transportation and state -- Periodicals
Transportation -- Rates -- Periodicals
388 - Journal URLs:
- http://www.sciencedirect.com/science/journal/0967070X ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.tranpol.2019.04.019 ↗
- Languages:
- English
- ISSNs:
- 0967-070X
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 9025.857730
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 13042.xml