In 2022, there were 23,896 reported security incidents and 5,212 reported security breaches analyzed in the Data Breach Investigative Report released by Verizon’s cybersecurity team.  Of those, 305 incidents and 137 breaches were reported by the transportation industry.  To differentiate between an incident and a breach, an incident is defined as a security event that compromises the integrity, confidentiality, or availability of an information asset where a breach is defined as the confirmed disclosure of data to an unauthorized party. 

Within the transportation industry, the number one means of infiltrating an organization in 2022 was through system intrusion. In this context, system intrusion is the use of complex attacks that leverage malware and/or hacking to achieve objectives including deploying Ransomware, stealing credentials and disrupting operations. System intrusion attacks often take advantage of misconfigurations in servers and security tools, publicly exposed information and unpatched or out od support systems to enable the threat actor to take control of a system and ultimately achieve their goals. By keeping servers, workstations, and other systems on the organizations network up to date and running supported operating systems, these types of attacks can be drastically reduced.  The use of automation tools and practices such as DevSecOps can greatly assist with this goal and reduce the cost to an organization of maintaining a secure infrastructure.

By taking this information and adding a layer of detail from the Cost of a Data Breach study performed by the Ponemon Institute and sponsored by IBM we can start to build an estimate for what a misconfigured server can cost your organization. According to the study, the average cost of a data breach in 2022 was 4.35 million dollars globally. In the United States, that cost was much higher at 9.44 million dollars. This difference is due to many factors including the lack of standardized breach notification laws in the United States, the cost of reviewing those laws and ensuring compliance with them in each state which a data breach affected can increase the cost significantly. To better understand how to estimate the cost for an individual organization the study provides a per record cost estimate as well. This came out to $164 in 2022. To use this number, determine how many records on individual persons your company maintains and multiply that by $164.  This is the total estimated cost of a data breach if your entire data set is compromised. 

The Cost of a Data Breach study also provides us with data on the cost measured by attack vector.  Remember we discussed the top attack patterns used to compromise transportation companies? The average cost of a data breach due to system errors and cloud misconfigurations range from 3.82 million to 4.14 million dollars. Identifying a breach caused by misconfigured systems took between 149 and 183 days and containment of those breaches took an additional 61 to 67 days.

Building an ecosystem which uses automated tools to manage configurations and deploy systems using known secure templates will allow operations teams to prevent most of the attacks studied in both the Data Breach Investigative Report and the Cost of a Data Breach study which affected the transportation industry.  These tools, when managed by a well-organized and trained DevSecOps team, can be a force multiplier and enable significantly more secure systems at a much lower cost than traditional IT operations.