Freely subscribe to our NEWSLETTER

"Cyberattackers are steering at public services and infrastructures. They are more innovative, and their attacks are increasingly targeted, so it’s becoming more challenging for IT admins and security teams to put any single process or technology in place to protect against threats. Transport is particularly one of the most vulnerable industries to cyber-attacks. Even a few hours of disruption to a transport hub can cause millions of pounds of losses, and the knock-on effect on commuters, commerce, and business can be huge.

To limit the impact of these attacks, businesses should identify the security weaknesses that could enable the attack to take place and avoid disasters by ensuring they have the right business continuity plans in place. The good news is that Go-Ahead’s UK or International rail services reported they are operating normally despite the incident, so the key learning lesson here is making sure that both security and recovery processes are in place and tested regularly.

Having clearly defined security policies and procedures can avoid any information leaks. This starts with employee education, underscoring all effective cyber resilience and data protection strategies. Security awareness training programmes can now inform and educate employees on the latest threats in real time, including information security, social engineering, malware, and industry-specific compliance topics. Attack simulations can automatically send users for re-education should any training issues be identified.”

Should these proactive measures fail, it is essential that the business continuity measures can restore the business to normal operation as quickly and as efficiently as possible. A pragmatic approach is to assess an organisation’s data and infrastructure criticality and then employ combinations of disaster recovery (failover) and backup and recovery solutions to meet any recovery time and restore point objectives."