"Report Details Best Practices for Railway Cybersecurity"

The European Union Agency for Cybersecurity (ENISA) has released a new report that details best practices for the cyber risk management of railway organizations. ENISA calls on European Railway Undertakings (RUs) and Infrastructure Managers (IMs) to address cyber risks systematically in their risk management processes. The report delves into applicable methods and practical examples on addressing and mitigating cyber risks that European RUs and IMs should consider. The best practices presented by the report are based on railway stakeholders' feedback. In order to manage cyber risks, RUs and IMs should identify what needs to be protected. The report highlights five key areas, including services provided by stakeholders, devices that support those services, the physical equipment used to provide the services, the people who maintain or use them, and the data used. ENISA's report also covers available threat taxonomies and lists threats that can be used as the basis. Examples of cyber risk scenarios analyzed in the report can help railway stakeholders when they conduct a risk analysis as they show how asset and threat taxonomies can be used together and are based on known incidents and actual feedback. Tho article continues to discuss the report released by ENISA to help improve railway cybersecurity. 

Homeland Security Today reports "Report Details Best Practices for Railway Cybersecurity"