Cyber risk and insurance for transportation infrastructure

Due to the sheer size of the United States transportation network, it is very vulnerable to cyberattacks, and the attackers are incentivized by the large amount of data to which they could potentially gain access. Consequently, cyberattacks on the transportation infrastructure have been rapidly becoming more frequent. The paper shows this in both quantitative and qualitative methods. First, it examines the increasing trend in the number of cyber incidents related to the transportation infrastructure every year. The number of companies attacked and financial losses also have been increasing. In addition, it also contains results from interviews conducted on the infrastructure managers and insurers. Their first hand opinion mostly showed growing concern on cyberattacks. The authors also surveyed the types of cyber attacks and concluded that the most common ones are data breach and privacy violation.

The second part of the paper focuses on methods to mitigate the growing risk of cyberattacks in the transportation infrastructure. First, more data and models are needed for both the infrastructure managers and insurers to gain a better understanding of the situation and adjust their policies accordingly. In addition stronger and more systematic cybersecurity measures should be put in place. One major difficulty in this is incorrect risk perceptions of the managers. Lastly, more academic research and efforts from policymakers are needed for transportation infrastructure cybersecurity insurance. Since this is a novel field with not much past data to utilize, additional efforts are needed for the field to follow an ideal trajectory of development.