Rail industry news (Australia, New Zealand), Cybersecurity, Information Technology

A concerted effort keeping rail travel secure

At Alstom, more than 350 rail cybersecurity specialists and their peer railway engineers cooperate with customers, regulators and technology partners to protect rail networks from the disruption of cyberattacks. 

Cybersecurity is a top priority in preserving not only the safety and security of rail networks but also in ensuring that travellers’ peace of mind is maintained.

Through the concerted efforts of more than 350 rail cybersecurity specialists and their peer railway engineers, Alstom works hand-in-hand with customers, regulators and technology partners to keep rail networks safe from the disruption of cyberattacks.

Eddy Thésée, Alstom’s vice president of cybersecurity products and solutions, leads this global team who work behind the scenes, collaborating and developing tailored solutions to mitigate the evolving threats that could potentially impact operations.

With this progress comes a heightened need for cybersecurity measures to safeguard the intricate web of Information Technology (IT) and Operational Technology (OT) environments that power rail networks worldwide.

These rail technologies not only facilitate smooth operations but also ensure the safety and security of passengers and cargo. The imperative to secure a rail environment made of IT and OT components in railways cannot be overstated.

The attack surface is increasing

The integration of more software and connectivity in rail operations has enabled several transformative benefits, from predictive maintenance to real-time monitoring of train movements. 

However, it has also introduced vulnerabilities that malicious actors may exploit. The railway industry is increasingly viewed as a viable target for cybercriminals.

Without robust cybersecurity measures, critical functions such as signalling, track switching, braking, distance management and communication systems are at risk of being compromised, leading to potential disasters. Cybercriminals may also decide to attack ticket machines, passenger information displays and wi-fi systems. Proactively securing these environments is paramount to safeguarding against cyber threats and ensuring uninterrupted and safe rail services.

Behind the scenes, a multitude of teams diligently work to secure digital infrastructure and communications networks in rail. From cybersecurity experts conducting risk assessments to IT professionals implementing robust firewalls and intrusion detection systems, each plays a crucial role in mitigating potential cyber threats. Operational teams continually monitor network traffic and promptly respond to any suspicious activities to prevent breaches before they escalate. Their concerted efforts are geared towards making every journey safe and secure for passengers and freight alike.

Alstom Australia and New Zealand signalling and infrastructure director, Dominic Clark, shares insight into the challenges and strategies securing rail networks.

“Railway systems are complex ecosystems. Our focus is on implementing a multi-layered defence strategy, combining advanced threat detection technologies with rigorous employee training to mitigate cyber risks effectively,” Clark said.

Clark’s sentiments resonate with cybersecurity professionals across the industry. The dynamic nature of cyber threats demands a proactive approach to cybersecurity, where continuous monitoring and threat intelligence sharing are essential.

“Cybersecurity is not a one-time effort but an ongoing journey,” emphasises Clark. “By staying vigilant and adapting to evolving threats, we can stay one step ahead of potential cyber adversaries,” he said.

Over the past 10 years, Alstom has developed a team of more than 350 internal experts with a dual cyber and rail culture, or a broad understanding of both cyber and physical security. This means they can identify the IT risks while speaking the same language as rail operators, in terms of reliability, operational efficiency and long-term commitment to performance.

Beyond Alstom’s efforts, collaboration among various stakeholders is crucial in fortifying rail cybersecurity. Government agencies, industry associations, and cybersecurity firms must work hand in hand to establish standards, share threat intelligence, and develop best practices tailored to the unique challenges faced by the rail sector. This collective effort ensures a unified approach to addressing cyber threats and reinforces the resilience of rail networks worldwide.

Alstom emerges as a leader in prioritising cybersecurity within its current and future plans. Recognising the evolving threat landscape, Alstom has integrated cybersecurity principles into every stage of product development, from design to deployment. By adhering to international standards and collaborating with industry experts, Alstom ensures that its rail solutions are protected against cyber threats. Additionally, the company invests in employee training and awareness programs to foster a cybersecurity-centric culture across its workforce.

“When Alstom started building its cybersecurity team in 2013, partnerships with cyber experts were focused on gaining knowledge on cybersecurity processes and learning from best practices in other industries. After a few years, the internal assets had been acquired, the processes set up and the impact on engineering identified. That’s when the company started looking for new partnerships, aiming to bring cyber solutions that would bridge the gap between the two worlds,” said Clark.

Alstom’s commitment to cybersecurity extends beyond product development to encompass proactive measures in securing rail infrastructure. Through partnerships with cybersecurity firms and government agencies, Alstom conducts regular vulnerability assessments and threat intelligence gathering to stay ahead of emerging risks. Alstom also advocates for industry-wide collaboration to address cybersecurity challenges collectively, emphasising the importance of shared responsibility in safeguarding rail networks.

With a comprehensive portfolio spanning signalling systems, rolling stock, and rail infrastructure solutions, Alstom integrates cutting-edge cybersecurity features into each product. From advanced encryption protocols to intrusion detection systems, Alstom’s solutions are engineered to withstand cyber threats while maintaining seamless operations. The company also provides tailored cybersecurity consulting services, assisting rail operators in assessing vulnerabilities, implementing preventive measures, and building resilient cybersecurity frameworks.

Through dedicated research and development efforts, Alstom continuously enhances its cybersecurity capabilities, staying ahead of emerging threats and evolving regulatory requirements. This notion of regular reviews and updates to anticipate and adjust to new threats is new to the rail culture, but the challenge has been accepted by Alstom and is now part of the company’s DNA.

Rail operators can navigate the complex cybersecurity landscape with confidence in partnership with Alstom, knowing that they have a trusted ally committed to their safety and security. Together, it upholds the integrity of rail networks, preserving the trust of passengers and stakeholders alike. With Alstom’s expertise and unwavering dedication to cybersecurity, the future of rail travel is not only efficient and sustainable, but also resilient to emerging cyber threats.