How Can Cybersecurity Vendors Meet the Multitude of Needs of the Railway Sector?

The cost of railway operation shutdowns, system upgrades, or meeting the financial demands of attackers can be astronomical for the sector. Given the symbolic significance of the sector, cyberattacks will be amplified, leading to substantial reputational and financial risks if systems are not protected. This makes the role of cybersecurity vendors paramount to the integrity of railway operators.

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Research Highlight.

Market Overview

  • On average, a cyberattack incident against critical rail infrastructure occurs every 30 to 33 days, reflecting the dangers the industry is facing.
  • Railway cybersecurity vendors informed ABI Research that cyberattacks against rail systems have increased more than 220% over the last 5 years, resulting in billions of dollars in estimated losses.
  • Increasing attention toward railway cybersecurity, including new regulatory requirements, such as a new U.S. Transportation Security Administration (TSA) directive will contribute to business opportunities for rail and Operational Technology (OT) cybersecurity vendors.
  • With the advent of connected online systems and the convergence of OT and Information Technology (IT) systems, network and data sharing security between IT and OT systems is proceeding to become an integral component of safety, providing new market opportunities.
  • There will be an almost two-fold increase of Internet of Things (IoT) connections in the rail sector between 2022 and 2026 based on ABI Research’s forecasts—from 9 million IoT connections to 20 million.
  • Growing at a Compound Annual Growth Rate (CAGR) of 16%, security services revenue only accounts for US$1.08 billion of the total US$25.3 billion in rail IoT revenue generated between 2022 and 2026.
  • Rail security’s low proportion of the total IoT services revenue (just 4.2% of 2026 total IoT revenue) means cybersecurity spending for rail systems is being outpaced by the growing threats.
  • Cybersecurity spending in the railway industry is dwarfed by investment in data analytics, professional services, and device application platform services—each use case generating more than US$1.5 billion in revenue in 2026.

“Newer technologies developed for rail, including train control systems, predictive maintenance, intelligent rail infrastructure, and operations and Freight Information Systems (FIS) require an integrated transportation ecosystem. This means increasing data transfers between IT and OT systems, and a higher possibility of intercepting the data by malicious actors, or infiltrating OT systems via the IT environment.” – Michael Amiri, Senior Analyst at ABI Research


Get More Data 

Key Decision Items

Unique Cybersecurity Needs Require Tailored Solutions

The railway industry is distinct from other industrial sectors, as it widely deploys legacy and proprietary mechanical and digital rail systems. For example, railway signaling systems have a lifetime of over 30 years stretched lineside a vast network of tracks. Moreover, the railway industry is distinguished from other transportation sectors in that trains run on dedicated tracks and Industrial Control Systems (ICSs) are used to manage the railway infrastructure. These unique characteristics of the railway industry, in addition to the need for greater communication among train operators, present an opportunity for cybersecurity vendors to tailor solutions to these systems based on the rail organization’s special needs.

A comprehensive cyber strategy needs to be tailored to the specific demands of these different areas, where the speed of development and concentration of technologies vary. Successful vendors will address such discrepancies, and market their solutions differentiating operational networks, such as rolling stock, interlocking, and signaling systems, with faster evolving technologies like passenger connectivity or payment systems that are commonly defined as belonging to IT.

Use the Railway Sector’s Breadth to Increase Contract Value

The rail cybersecurity sector is wide-ranging, which is good news for vendors targeting the transportation space. Among the Industry 4.0 applications involved in this all-encompassing industry include network security, asset visibility, rail signaling systems, power systems, rail facilities, data and cloud security, and maintenance. This means cybersecurity vendors should use the enormous breadth of the railway industry to their advantage. After speaking with several vendors, ABI Research found that these companies’ rail cybersecurity contracts are 15% larger than those with other industries because of the higher number of applications needing their technologies.

Frequent Assessment Is Worth the Future Costs

The cybersecurity threat landscape is evolving and will change over time due to newer rail technologies. Therefore, penetration tests and cybersecurity resilience assessments should be implemented in shorter intervals of at least 2 to 3 years. This creates an opportunity for security vendors to market their solutions tailored to rail infrastructure. Cyberthreat simulation and penetration tests will guarantee that both areas of technology are securely communicating. Moreover, these assessments will help cybersecurity vendors evaluate possible vulnerabilities between the different OT and IT environments.

Data Are Essential in Procuring Spare Parts and Maintenance

Efficiency is crucial for rail operators to minimize downtime. Yet, due to the prevalent reliance on human experience, parts inventories are usually either high or low. As malicious actors are inclined to hijack the data contained in maintenance systems, it’s crucial that these systems are secure. OT-IT convergence is crucial for inventory management, making it essential for railway cybersecurity vendors to emphasize how secure convergence is vital for improving Key Performance Indicators (KPIs).

Market a Comprehensive Package of Cybersecurity Solutions

Given the highly integrated and connected nature of the rail cybersecurity sector, a host of solutions need to be deployed to secure communications between IT and OT systems. These include monitoring, firewalls, intrusion detection, unidirectional gateways limiting IT flows to OT systems, and defining critical zones where data flows are more closely controlled. Offering a comprehensive package of cybersecurity solutions that address various aspects of railway management is regarded as a good move.

Key Market Players to Watch

Dig Deeper for the Full Picture

To learn more about the OT-IT convergence and its effect on rail cybersecurity, download ABI Research’s OT-IT Convergence in the Rail Industry: Securing Data Flows as Key to Security research report.

Not ready for the report yet? Check out our following Research Highlights:

This content is part of the company’s IoT Cybersecurity Research Service.

Download the report on the OT and IT convergence in the rail industry for adressing cybersecurity concerns