Hero picture
Report
publication

Practical guidelines on cybersecurity: Requirements in tendering

  • Europe
  • Global
  • Cyber Security
  • Tendering
Introduction

Tackling the misalignment between operators/authorities and cybersecurity vendors

Cybersecurity protection in public transport and railways is a new but growing concern. Nowadays, almost any product incorporates firmware or software and – because computing tools usage has become universal, from the maintenance staff to the railway President – it is one of the few cross-functional subject matters that public transport operators (PTOs) must face. Unfortunately, few employees have the relevant proficiency to deal with such complicated issues, particularly when it comes to cybersecurity for automation of physical operations, such as rail system communications, signalling and processing.

Hence, the dilemma facing PTOs: should IT/OT specialists be spearheading all functional processes (for example, marketing or procurement) that involve automation product definition or not? Role definition, particularly in this area, is a complex matter and is one that we will tackle later, describing the specific contributions that IT, OT and other cybersecurity specialists can bring to the protection of railways. That said, we strongly suggest that whenever necessary, IT/OT specialists should support their functional colleagues in creating appropriate processes and intervening on the very technical topics.

It also means over and above the usual training that all employees should have, these functional managers should rely on guidelines to help them address the cybersecurity issues in their process.

Are you a UITP member?

Not a UITP member?

Thank you to the Report sponsors: AXIS Communications, Cylus, INIT and Waterfall Security Solutions!

Contact

Sponsorship & advertising
opportunities
Discover all
our members
This website uses cookies

This website uses third-party website tracking technologies to give you the best experience, help us understand and continually improve how the site works, and to display advertisements according to users' interests. You consent to the use of our cookies by continuing to browse this website.

Cookies page
  • Essentials Essentials

    Those cookies are essentials to the functioning of the site and cannot be disabled in our systems. They are generally set as a response to actions you take that constitute a request for services, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block or be notified of these cookies, but some parts of the website may be affected. These cookies do not store any personally identifying information.

    cloudflare

    Cloudflare uses various cookies to maximize network resources, manage traffic, and protect our customers’ sites from malicious traffic.

    epic-cookie-prefs

    Cookie that remembers the user’s cookie settings preferences. It allows to avoid asking the user about their preferences each time they visit the website.

  • Performance

    This Google Analytics cookie is used to persist session state. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic anonymously.

    _ga

    This Google Analytics cookie is created when you first visit our site. It contains the version of Google Analytics, a randomly generated ID and a datetime group of your first visit. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic anonymously.

    _ga_(STREAM ID)

    This Google Analytics cookie is used to persist session state. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic anonymously.

This website uses cookies

We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.