Newsletters

On 2 May, transport stakeholders and legislators gathered in Brussels for the Transport Cybersecurity Conference. The event was organised by DG MOVE, DG CNECT, and key EU transport and cybersecurity agencies. CLECAT highlights the following key takeaways from the conference:

Cyber threats can be highly disruptive and are carried out by well-organised groups, with the transport sector being the third most targeted sector by cyber incidents in the EU. Alarmingly, 51% of companies take up to a month to address vulnerabilities, leaving them open to hackers for extended periods. Given the inevitability of cyber threats, it is crucial to be prepared for cyberattacks before they occur to protect critical infrastructure.

Implementation: In recent years, the EU has passed key legislation to protect itself from cyber attacks, such as the NIS2 Directive and the Cyber Resilience Act. Now, the focus shifts to implementation, with both legislators and stakeholders recognising potential challenges for industry and suggesting ongoing collaboration to foster a secure and resilient transport sector across the EU. Guidance may be necessary to help stakeholders understand their obligations.

Resilience: When an attack disrupts a transport company’s operation, limiting disruptions becomes the priority. However, companies can minimise disruptions by incorporating cybersecurity into their system design, reducing opportunities for hackers to interrupt transport. This is particularly important given geopolitical events such as Russia’s illegal aggression of Ukraine, where foreign actors may attempt to cause disruption in the transport sector also to create alarm among citizens. For example, reports indicated that in 2023, there was an increase in cyber-attacks targeting airports and airlines.

Reporting: It is essential to keep authorities aware and up to date on the latest threats in transport across the EU. However, it is key to streamline reporting processes to avoid unnecessary administrative burdens for stakeholders. Both authorities and industry must work together to achieve a smooth implementation of reporting mechanisms that ensure safety, security, and continuity of transport operations in the EU.

CLECAT emphasises the importance of securing transport operations at all times, strongly supporting cybersecurity measures that enhance resilience against cyber threats. Continuous dialogue with legislators is essential to ensure that the legislative framework includes effective measures to counteract the latest cyber threats to the EU t