How and why connected cars and IoT will drive massive cybersecurity spending

It's not surprising that cybersecurity spending will increase dramatically as the transportation industry becomes more connected. Our cars are getting more intelligent and autonomous and railways and other forms of transportation are becoming more automated and intelligent as well. They're quickly adopting IoT technologies and applications to achieve higher levels of connectivity — and becoming increasingly dependent on strong, secure, reliable infrastructure to support them as a result.

As our story below explains, companies like Council Global Lead Partner IBM are expanding into IoT and automotive security to make the transition to the next generation of transportation as painless and secure as possible. However, many challenges and unanswered questions remain and the technologies and how we use them are evolving rapidly. And city leaders, policy makers and other stakeholders should keep that in mind as they plan and prepare for implementing their smart city transformations. — Doug Peeples


First, the numbers
An ABI Research reported cited by Council Advisor TM Forum predicts cybersecurity investments in roads will hit $5 billion by 2022 and that aviation will follow with $3.9 billion and railways with $3.5 billion. And a Gartner report forecasts that the number of cars built with some form of data connectivity will hit 61 million in four years.

The TM Forum article noted that roadway spending on cybersecurity will primarily be for 'vehicle-to-anything' (V2X) communications infrastructure essential for connected and self-driving cars to talk to each other, the network they're connected to and others using the roads. The communication needs to be ongoing to prevent accidents and to coordinate traffic flows, which means a hacking event or equipment or other type of failure could have disastrous consequences.

Also, transportation networks rely on industrial control systems (ICS) and integrating their operational technologies (OT) will require deployment of better cybersecurity. As Michela Menting, ABI research director, said, the current level of cybersecurity protection for OT is inadequate. "The new generation of ICS is Internet-enabled, using commercial off-the-shelf software and leveraging a range of non-proprietary protocols. Transport stakeholders will have to implement digital security if they want to successfully realize the efficiencies and cost savings that connected OT promises to deliver," she said.

To accomplish that goal, Menting recommended an extensive international collaboration between public and private stakeholders, specialists in IT and OT, cybersecurity professionals, control system companies and others. In a way that's already taking place but possibly not as extensively as Menting recommended. TM Forum's article explained that new policies are being created globally as vendors work more closely with transportation operators on cybersecurity — and that cybersecurity is getting a lot of attention from international organizations such as NATO, the UN, ISO and others.

The need for flexibility and the ability to adapt to change
TM Forum's Open Digital/IoE Steering Group developed what it calls a 'roadmap of challenges for the Internet of Everything. One of those challenges is the playing field is always changing. As Craig Bachmann, senior director for TM Forum's Open Digital Program explained, "A key takeaway from the collaborative effort is that there's no 'end game' – no end state for IoE, no ultimate set of business or consumer products. Instead the three pillars of IoE – business models, market expectations and technical capabilities – keep changing. We need to understand and accept that this is how it is and how it's going to be, then adjust our thinking and adapt."

A new role for IBM: automotive security
To underscore the importance of and the need for enhanced cybersecurity in transportation, IBM has announced two new security testing practice areas: automotive security and IoT. The services will be provided by the specialized IBM X-Force Red research team and IBM's Watson IoT Platform. The team's focus is on developing and sharing best practices and standardizing security protocols.

Mark your calendars for Smart Cities Week in Washington, DC...
Smart Cities Week Silicon will bring together city leaders and technology innovators to explore trends and disruptive technologies for smart cities. The conference kicks off on Tuesday, October 3 with in-depth pre-conference workshops on crucial topics such as resilience and readiness. Click to learn more and register. Early Bird registration ends August 1.

Doug Peeples is a Portland, Oregon-based writer specializing in technology and energy. Follow @smartccouncil on Twitter.