Securing ITS: Are Information Security Management Systems The Answer?

This paper considers the use of information security management systems. As the industry of intelligent transportation systems (ITS) matures it becomes more central to the successful operation of our transport networks, develops its own brand and following, and becomes standardized. By increasing the interdependency between ITS solution we also increase the risk and likelihood that the operation of ITS can be compromised. What is needed is for the industry to fully understand the new environment, and to adopt ways of working together that allow the risks to be identified, the likelihood to be appreciated, and appropriate measures to be adopted. The industry must adopting an enterprise approach to the security and resilience of ITS, which accounts for the interconnection of ITS and avoids the current practices of assessment of individual schemes/projects/systems; understand the consequences of failure in terms of confidentially, integrity and availability, and embedding factors such as consumer confidence in ITS in this understanding; and define what can and cannot be tolerated, imagining what “good” looks like for a range of risk scenarios, and communicating this to the wider industry that is involved in specifying, implementing and operating ITS. The answer is not only the adoption of Information Management Security Systems, such as ISO27001. The key is to escalate the issue in the mind of the industry by using the mechanics of organizations like ITS America and ITS UK to bring together the wide range of stakeholders involved in securing ITS.

Language

  • English

Media Info

  • Media Type: CD-ROM
  • Pagination: 5p
  • Monograph Title: ITS Connections: Saving Time. Saving Lives

Subject/Index Terms

Filing Info

  • Accession Number: 01144557
  • Record Type: Publication
  • Files: TRIS
  • Created Date: Nov 10 2009 10:45AM