Navigation on this site is not optimized for your browser

Please use a recent version of Google Chrome, Mozilla Firefox, Safari or Microsoft Edge to get the most out of the experience.

Find a modern browser
UITP Worldwide
Topics
Topics
Modes
Themes
Resources
Resources
Community
Community
Events & Training
Events & Training
UITP Worldwide
UITP Worldwide
Africa
Australia & New Zealand
Asia-Pacific
Eurasia
Europe
India
Latin America
MENA
North America
Want to
become a member
Become a member
Hero picture
Report
publication

Practical guidelines on cybersecurity: Requirements in tendering

  • Europe
  • Global
  • Cyber Security
  • Tendering
Introduction

Tackling the misalignment between operators/authorities and cybersecurity vendors

Cybersecurity protection in public transport and railways is a new but growing concern. Nowadays, almost any product incorporates firmware or software and – because computing tools usage has become universal, from the maintenance staff to the railway President – it is one of the few cross-functional subject matters that public transport operators (PTOs) must face. Unfortunately, few employees have the relevant proficiency to deal with such complicated issues, particularly when it comes to cybersecurity for automation of physical operations, such as rail system communications, signalling and processing.

Hence, the dilemma facing PTOs: should IT/OT specialists be spearheading all functional processes (for example, marketing or procurement) that involve automation product definition or not? Role definition, particularly in this area, is a complex matter and is one that we will tackle later, describing the specific contributions that IT, OT and other cybersecurity specialists can bring to the protection of railways. That said, we strongly suggest that whenever necessary, IT/OT specialists should support their functional colleagues in creating appropriate processes and intervening on the very technical topics.

It also means over and above the usual training that all employees should have, these functional managers should rely on guidelines to help them address the cybersecurity issues in their process.

Read the Executive Summary

Are you a UITP member?

Access the Report on MyLibrary

Not a UITP member?

Provide your details & read the Report for free!

Thank you to the Report sponsors: AXIS Communications, Cylus, INIT and Waterfall Security Solutions!

Contact

Related Resources

View All
Sponsorship & advertising
 opportunities
Boost your brand
Discover all
our members
Download the full list
This website uses cookies

This website uses third-party website tracking technologies to give you the best experience, help us understand and continually improve how the site works, and to display advertisements according to users' interests. You consent to the use of our cookies by continuing to browse this website.

Cookies page
Show Details
Name Description
Core and Analytic Core cookies are essential for the website to function by allowing you to browse the website and use some of its features. Analytic cookies help us analyse how the site is used and allow us to perfect and improve your user experience. These cookies do not collect information that identifies you and are enabled by default.
Name Description
Functional These cookies allow a website to remember the user’s site preferences and choices they make on the site including username, region, and language. The data collected by these cookies are only used in connection with this website and cannot be used to track your browsing on other websites.
Name Description
Advertising These cookies track the surfing behavior of a user to a website and personalise your experience by showing you advertisements, offers, etc. tailored to your interests and preferences.