Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

CyberSecurity4Rail Conference in Brussels agrees need for closer cooperation and steps towards an EU-wide rail industry ISAC

October 2017 by Patrick LEBRETON

Last week’s CyberSecurity4Rail conference, held in Brussels for senior members of the rail industry and information security experts, has strongly endorsed the formation of a sector-driven pan-European Rail ISAC (Information Sharing and Analysis Centre). Conference speakers and delegates heard wide-ranging debate on how to effectively combat cyber-crime and cyber-attack and
the panel sessions revealed a strong consensus for a structured approach to
co-operation in the future.

The conference, held in Brussels on 4th October, was attended by over 120 experts
from the railway, IT and cybersecurity industries. Sponsored and hosted by Hit Rail
B.V., specialists in the provision of secure cross border connectivity and
interoperability solutions in the railway sector, it provided a platform for
speakers, panellists and conference participants to be able to consider the current
cyber security landscape, legislative responses within the EU and how the railway
industry can cooperate to respond more effectively.

It also formed the basis for conference participants to be able to consider and
debate on their support for the proposal for a EURail-ISAC and how this might be set
up with the support of organisations such as ENISA (European Network and Information
Security Agency). Discussions also centred around how this might be combined with
initiatives in physical safety such as the Rail Common Occurrence Reporting System
coordinated by ERA (European Union Agency of Railways), under an umbrella of shared
concerns.

The discussions were in response to the adoption in July 2016 by the European
Parliament of a Directive on security of Network and Information Systems (the NIS
Directive). This Directive requires Member States to designate National CSIRTs
(Computer Security Incident Response Teams), which are also known as CERTs (Computer
Emergency Response Teams). It also created a European cooperation group (EU-CSIRT
Network), supported by ENISA, which will facilitate exchange of information between
CSIRTs/CERTs concerning incidents within Member States and cross-border incidents.

The NIS Directive emphasises the need for operators of essential services and
digital service providers to take appropriate security measures and to notify
serious incidents to the relevant national authority (relevant CSIRT/CERT) when
cyber security threats or breaches occur.

The CyberSecurity4Rail conference was an ideal occasion for progress to be made. The
wide-ranging conference programme included presentations from senior representatives
from across the industries, including representatives from two EU Directorates
concerned with cyber security, Carlos Mestre-Zamarreño of DG-MOVE, and Dr Florent
Frederix of DG-CONNECT. Speakers also included security expert Corrado Giustozzi of
SELTA SpA, Dr Josef Doppelbauer from ERA, Dr Libor Lochman from the Community of
European Railway and Infrastructure Companies (CER), Marie-Hélène Bonneau from the
International Union of Railways (UIC), as well as Rossella Mattioli from ENISA and
many senior information security officers from railway organisations and related
industries. Hit Rail’s Technical Director Mick Haynes also gave a detailed
presentation covering secure networks for collaborative services, and how a VPN can
ensure secure traffic through segmentation of sensitive data away from other
channels.

In his closing keynote, Carlo Borghini, Director of Shift2Rail concluded that the
conference had been very constructive and he encouraged the attendees to take away
the messages on how to collaborate together in practical ways, reducing replication
and divergence, sharing innovation and combatting cyber threats.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts