Thanks to digitization, passenger services are continuously gaining in efficiency and convenience. Online services such as purchasing tickets by app, digital timetables, and real-time location information are making a major contribution to this. The downside of this digital transformation is that cyber attacks are becoming a real threat to transport companies. Securing digital processes is therefore more important than ever for the industry.
Intensified threat situation
Cybercriminals are increasingly targeting critical infrastructure and services such as passenger transport. This is shown by mitigation data from Myra Security and studies by Interpol, the German Federal Criminal Police Office (BKA), and the German Federal Office for Information Security (BSI). Allianz even lists cyber incidents as one of the top three threats to the transportation sector in its Risk Barometer 2021—along with operational failures and pandemic outbreaks.
Ensuring the highest level of availability
For smooth transport operations, web portals and apps must be permanently available and perform well. If passengers are unable to buy tickets online due to disruptions or outages, this has a negative impact on customer satisfaction and causes direct loss of revenue and a lasting loss of reputation. Sometimes there is also the threat of personnel consequences, for example if transport operations are disrupted for a longer period as a result of a cyber attack. IT security to protect web applications and portals is therefore of crucial importance.
Heavy penalties for data breaches
Data protection also plays an important role in the transportation sector. According to research by IBM and Verizon, malicious attacks are the main cause of data breaches and data theft in the transportation sector. There is a risk here of heavy fines as a result of violations of the General Data Protection Regulation (GDPR). Fines of up to 20 million euros or up to 4 percent of annual global sales, whichever is higher, may be imposed. If sensitive customer data falls into the wrong hands, executives responsible for this may face fines or even imprisonment. Transportation companies carrying 125 million or more passengers per year are also considered critical infrastructure (KRITIS) and must comply with particularly stringent regulatory requirements under the BSI Act (BSIG) and the IT Security Act (IT-SiG).
Myra Security offers custom solutions for passenger services
ISO 27001 based on IT-Grundschutz [baseline IT protection], PCI-DSS, Trusted Cloud, BSI C5 in preparation
GDPR and IT-SiG compliant, BSI-KRITIS certified
Security Operations Center
24/7 full-service support from our IT experts in Munich
Quick installation and easy operation
Made in Germany
Development and operation entirely in Germany
Many years of experience
Myra specializes in the protection of critical infrastructure
Our technologies for protecting passenger services
As an upstream filter, Myra Web Application Security protects your web applications. Malicious traffic is filtered before it reaches your servers or cloud architecture. Using Myra’s multi-fingerprinting features, any applications attempting to access the servers are clearly identified and displayed in Myra Analytics.
Myra DDoS Protection automatically protects online tools, websites, and the DNS servers and IT infrastructure required for communication. Myra is one of the only BSI-certified DDoS protection providers worldwide that completely fulfills all of the performance requirements. As such, highly sensitive infrastructure is in safe hands with Myra.