21 April, 2026

Expert Guidance on the Implementation of the Cyber Resilience Act in Mainline and Urban Railways

Europe

Summary

Developed jointly with CER and UNIFE, alongside UITP as part of the Cybersecurity Rail Sector Group, this document aims to provide sector-specific guidance to support the implementation of Regulation (EU) 2024/2847 – the Cyber Resilience Act (CRA) – by establishing a common understanding tailored to the rail environment.

Read the Expert Guidance

As a highly regulated sector, rail industry already integrates cybersecurity across its systems, continuously adapting to its specific operational realities and evolving challenges.

With the EU Cyber Resilience Act set to become fully applicable in December 2027, new complexities are emerging.

This Expert Guidance complements the regulatory framework by clarifying its application and supporting effective implementation.

Read the Expert Guidance

Contact us

Annika DEGEN

Deputy Director – Senior Policy Expert Digitalisation – Seconded by VDV

Europe

UITP Team

Email Annika

Anne-Laure LE MERRE

Consultant Regional & Suburban Rail

Europe

UITP Team

Email Anne-Laure

Miryam HERNANDEZ

Senior Manager – Knowledge & Innovation

UITP, Belgium

Email Miryam

Summary

Contact us

Annika DEGEN

Anne-Laure LE MERRE

Miryam HERNANDEZ

Related News

How Case Studies Across Europe Demonstrate the Power of Public Transport

UITP – ETF: Joint Recommendations on the next Multiannual Financial Framework 2028-2034

A Competitive and Resilient Europe Requires a Stronger EU Transport Budget: UITP Joins Forces with other Transport Organisations