June 15, 2020

Rail Cybersecurity Summit 2020 - The key takeaways

Towards a Security Centric Culture

The Rail Cybersecurity Summit features the best global Technology and Information Security experts across the Rail supply chain.

Mattias Vanhoutte, R&D Engineer at Televic, was there and shares the most important highlights

> Download the infographic

Mattias Vanhoutte, R&D Engineer at Televic, shares the most important highlights of the Rail Cybersecurity Summit Mattias Vanhoutte, R&D Engineer at Televic, shares the most important highlights of the Rail Cybersecurity Summit
Rail Cybersecurity Summit 2020 - Secure by design

Prevention, monitoring, detection and response

Factor security into the solution at the  start of the design process to make it less vulnerable. Assume that the system can and will be breached rather than believe that the system is impenetrable. This approach includes prevention, monitoring, detection and response, putting in place the measures to recover to normal operations as quickly as possible.
 

Rail Cybersecurity Summit 2020 Third party risk

Managing supply chain risk

Take some time to understand where the supply chain starts and finishes and what comprises your supply chain. It is also important to understand what data your organisation is sharing, the value of that data and whether you have the right controls to ensure information is shared with the appropriate supplier.  The biggest challenge is to strike the balance between the protection and controls and the requirement for people to carry out their respective role without overly onerous restrictions.

Rail Cybersecurity Summit - Information Sharing and Analysis Centres ISACs

Information Sharing and Analysis Centres

The rail industry has its own industry specific Information Sharing and Analysis Centres (ISACs) to encourage information sharing and gain the full value of the shared threat intelligence. The Rail ISAC in Europe now comprises over 50 organisations from 10 countries since the initial launch on June 4th, 2019.

Rail Cybersecurity Summit 2020 - Asset register

Identifying all digital assets

Understanding what assets are owned by the enterprise and connected to the network is essential for organisations to understand the risk and prepare accordingly. An accurate operational picture will improve efficiency, make the creation of digital manuals easier and give you the opportunity to start using augmented reality for asset management. However, identifying all the digital assets is not straightforward due to the growing number of devices, suppliers and the frequency of replacement. Moreover, it's important to protect the inventory as it provides a potential blueprint for hackers to attack the network.

The weakest link is the attacker's entry point.
 

Yes, keep me informed

I want to register for the bi-monthly newsletter with articles about trends, case studies and new features.