Go-Ahead cyberattack might derail UK public transport services
One of the UK’s largest public transport operators, Go-Ahead Group, has fallen victim to a cyberattack. The Go-Ahead Group, which connects people across its bus and rail networks, reported it was “managing a cyber security incident” after “unauthorized activity” was detected on its network.
This type of cyber strike on the UK’s transport system isn’t uncommon. Hackers have regularly been targeting the airline industry for some time. By design, the cyberattacks intend to cause interruptions to journeys and to steal large quantities of critical customer and employee data.
The need for an autonomous response
All organizations are now contending with over a billion cyber threats each day. For transport companies to remain operational, they need to be continuously looking over their shoulder for these types of attacks. It is only by adopting an autonomous response to cyber protection that transport operators can respond with express speed, to ensure they don’t miss an attack.
Beyond that, a zero-trust stance allows IT teams to verify and assess risk continuously so that they can identify and counter cyberattacks before they enter an organization’s ecosystem. This is made easier when incorporating context, such as device, network location, and geolocation, to have total control over user access. It’s this holistic view that will give the train operators visibility into when an attack is coming.
Stretched beyond capacity
Nearly seven in ten (69%) mid-sized organizations have three people or fewer in their team looking after cyber security, according to Censornet’s ‘UK Mid-Market on Code Red Report’. This means that one in ten (11%) don’t have the time or capacity to investigate as many as 50% of the alerts they receive every day.
This inability to respond to cyber threats is compounded by the unmanageable portfolio of point products that most organizations employ. Last year, mid-sized organizations typically used an average of 24-point products. That’s a lot of cybersecurity products that need to be monitored.
A shift to a platform approach
Organizations are now moving away from running expensive and time-consuming siloed point products by adopting a platform approach. This helps drive an autonomous response to cyberattacks, reducing manual intervention and providing the best possible transparency on all incoming threats.
Critically, it allows security teams more time to investigate cyber alerts and prevent attacks like these from breaking through an organisation’s cyber defenses.