In a sector built on interdependence, the blast radius of a cyberattack extends across supply chains, borders and economies, making cybersecurity a matter of global service continuity.
According to the joint Kaspersky and VDC Research study ‘Driving Cyber Resilience Across Transportation and Logistics’, more than two-thirds (68%) of transportation and logistics (T&L) organizations expect to be fully digital within the next two years, compared with less than 5% today.
The same connectivity that enables real-time fleet visibility, predictive maintenance and centralized terminal operations also expands the attack surface across cyber-physical systems (CPS), remote access pathways and third-party integrations. Unsurprisingly, cybersecurity-related concerns were cited as the most significant barrier to implementing digital technologies (36%).
What is driving transport & logistics digitalization?
To understand where the weak points are in the system, we need to understand where digitalization will be used. The top four different drivers behind this transformation are: improving throughput and network efficiency leads investment decisions (31%), building cyber resilience (27%), enabling new business models (16%) and reducing operational costs (10%).
What is striking in these findings is the prominence of cyber resilience itself as a transformation driver. Organizations recognize that security is not a constraint on digitalization but a prerequisite for it. When dispatch systems, terminal operating platforms and warehouse control environments become central to throughput, any disruption to those systems is a direct hit to revenue and service commitments.
Yet the barriers to securing that transformation remain formidable. Beyond cybersecurity concerns, organizations identified stakeholder coordination gaps (28%) and limited skills, staffing and budget (26% each) as significant obstacles.
These figures reveal the sector’s cybersecurity challenge is as much organizational as it is technical. Transportation and logistics operate across a mosaic of operators, port and terminal authorities, infrastructure owners, service providers and regulatory jurisdictions with each applying different standards, risk thresholds and accountability models.
Human and technical challenges in securing transport & logistics operations
Technology rarely fails in isolation. In T&L the most persistent cybersecurity gaps are rooted in workforce capacity, governance misalignment and the structural complexity of environments that must never stop running.
Keeping OT systems and devices patched is the top security challenge cited by survey respondents (48%). Close behind it, a shortage of personnel with OT security knowledge and experience was identified by 36% of respondents.
Organizational alignment compounds the problem further. Operations teams prioritize safety, punctuality and throughput. IT teams prioritize confidentiality, integrity and availability. When these functions lack a shared language for risk and when OT cybersecurity governance still sits primarily with IT (54% IT-led policy management vs. 12% OT-led), patching schedules, segmentation decisions and remote access governance stall in the gap between them.
Consequences of inadequate OT cybersecurity
The financial and operational data from the Kaspersky / VDC Research survey makes the scale of this exposure concrete:
- 68% of respondents reported that cybersecurity incidents led to measurable financial impacts
- More than 40% estimated financial damages exceeding $1 million per incident
- The average operational interruption caused by cybersecurity incidents was nearly 12 hours
Twelve hours of downtime in a hub-and-spoke freight network does not mean 12 hours of delay for one shipment. It means cascading congestion, missed connections and a recovery window that can stretch for days as backlogs unwind across interconnected schedules and partner dependencies. In tightly coupled networks.
Organizations cannot afford to treat cyber-physical systems (CPS) security as an auxiliary function in this context. It is a core component of service continuity, network reliability, and, ultimately, economic stability.
Strengthening CPS security in T&L
When it comes to addressing the challenges, organizations have three main routes to success.
First, cyber-physical systems security must be managed as part of enterprise risk and resilience planning, not delegated to IT teams who may lack visibility into the operational realities of field environments, terminals and control centers.
Second, protection should be designed around uptime, safety and cascading network effects. Controls must fit always-on environments. Patching and maintenance must work within tight change windows. Detection must be OT-aware, because the early signals of a sophisticated attack often appear in subtle changes to system behavior rather than obvious anomalies.
Third, organizations should partner with CPS-savvy providers to strengthen operational resilience. The survey findings confirm what operators already know: service and support capabilities and total cost of ownership were the top vendor selection factors (58% each). Operators need solutions that can be deployed safely, maintained consistently across sites, and supported effectively under pressure not just point solutions that perform well in controlled conditions.
Transport and logistics organizations need industrial-grade protection that enables real-time asset visibility and anomaly detection, similar to what is provided by the Kaspersky OT Cybersecurity Ecosystem. At the heart of this ecosystem is Kaspersky Industrial CyberSecurity (KICS), a native Extended Detection and Response (XDR) platform built specifically for critical infrastructure protection, which combines OT network visibility and monitoring with endpoint protection and detection capabilities.
For transportation and logistics operators, this unified approach directly addresses the sector’s core challenge. Find out how your organization’s approach to securing OT systems compares with others in the sector on our dedicated website.
