The railway sector is facing a new challenge: the Network Information Security (NIS) regulations. According to a 2020 survey by the European Union Agency for Cybersecurity (ENISA), only 33% of rail operators of essential services (OES) have fully implemented defensive measures against cyber-attacks, as recommended by NIS regulations. This places their software under serious threat – not to mention their compliance with regulations. When security breaches occur the ripple effect throughout an organisation can be vast, with implications that are both financial and personal. There may also be implications concerning system safety and resilience.
This course is an introduction to the major themes of cyber security and will start you on a journey to the creation of a secure rail operation. You will be able to communicate effectively, make informed trade-offs, assess risk, improve defences, and reduce vulnerabilities in your systems.
The course content is mapped to:
• Industry standard competencies, skills and evidence requirements relevant to rail safety work (see our website for details)
• Industry regulations
• National and international standards
Information is interspersed with practical exercises. There is a short multiple-choice examination at the end to assess the identified learning outcomes.