This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our
and .overview
Key Learning Objectives
- What is Railway Cyber Security? (putting it into the context of railway and transportation).
- Identify the threats and vulnerabilities (such as cyber security, safety and availability).
- Develop mitigation actions for threats and vulnerabilities and recovery from potential consequences.
- Cyber Security – What standards are available for dealing with threats.
- An understanding of how TS50701 and IEC62443 can improve cyber security across the entire railway.
- How to manage IT and OT cyber security as a business.
Background
The railway sector is facing a new challenge: the Network Information Security (NIS) regulations. According to a 2020 survey by the European Union Agency for Cybersecurity (ENISA), only 33% of rail operators of essential services (OES) have fully implemented defensive measures against cyber-attacks, as recommended by NIS regulations.
This places their software under serious threat – not to mention their compliance with regulations. When security breaches occur the ripple effect throughout an organisation can be vast, with implications that are both financial and personal. There may also be implications concerning system safety and resilience.
About the Course
This 2-day course is designed for engineers, managers and other rail decision makers to learn about the TS50701/IEC62443 standards for OT. This course will help attendees expand their knowledge and make better decisions around the standards and their application in the area of railway cyber security and conduct discussions as an educated client should.
This course is based upon the new railway cyber security specific CENELEC specification TS50701 and best practice from other OT and IT cyber security standards such as IEC62443.
The training provides a complete overview of the important standards, with well-structured presentations and discussion sessions ensuring that attendees get the most from participating.
Who Will Benefit
This course is for railway business leaders, managers, railway inspectors, railway legislators, safety professionals, planners, Information Technology (IT) professionals, resilience specialists and railway engineers tasked with making decisions that could impact the cyber resilience of technical and organisational systems.
Executive Coaching
Take your learning and development further and experience transformational impact on your career progression. Our Executive Coaching and Mentoring programme offers you additional value and benefits to reinforce key learning outcomes obtained on an Informa course. Package your learning to incorporate additional 1-on-1 executive coaching with our expert Instructor.
To learn more or to include Executive Coaching and Mentoring as part of your registration for this course, please contact one of our Training Consultants on +61 (2) 9080 4395 or email training@informa.com.au or refer to the registration page when booking online.
Testimonials
Nice overview presented. Howard brought a lot of technical experience with him.
– Principal, Shaktl Corp P/L
Very knowledgeable with significant and relevant experience. Approachable and gave excellent examples of practical application.
– Manager Rollingstock Engineering, Public Transport Services
Course Outline
DAY 1
Module 1
- Introduction to Cyber Security in Railway Systems
- Setting the Scene
- Threat Landscape in the Railway Domain
- Safety and Security
Module 2
- Cyber Security Overview
- Terminology
- GDPR
- Cyber Security challenges
- Risk Factors
Module 3
- Cyber Security Incidents
- Lodz Tram Cyber Attack
- Stuxnet Cyber Attack
- San Francisco Municipal Transportation Authority Ware Attack
- Deutsche Bahn Ransom Ware Attack
Module 4
- Cyber Security Standards and Schemes
- IEC 62443 Series
- ISO27001
- NIS regulations
Module 5
- TS50701 and the Railway System
- Introduction
- Railway asset model
- Railway physical architecture model
- High-level railway zone model
Module 6
- Cyber security within a railway application lifecycle
- Railway application and product lifecycles
- Activities, synchronization and deliverables
- Cyber Security context and cyber security management plan
- Relationship between cyber security and essential functions
- Cyber security assurance process
Q&A Session
Discission around the following:
- Differing Priority for IT and OT
- Differing Experiences
- Differing Scopes
- OT teams and IT Teams
- IT/OT interfaces
DAY 2
MODULE 7
- System Definition and Risk Assessment
- Identification of the system under consideration
- Initial Risk Assessment
- Partitioning of the SuC
- Output and documentation
- Establishment of cyber security requirements
- General guidance on risk assessment including setting
Security Levels (SL)
MODULE 8
- Cyber Security Requirements
- Objectives of Security Requirements
- System security requirements
- Apportionment of cyber security requirements
MODULE 9
- Cyber security assurance and system acceptance for
operation - Cyber security case
- Cyber security verification
- Cyber security validation
- Cyber security system acceptance
MODULE 10
- Operational, Maintenance and Disposal Requirements
- Vulnerability management
- Security patch management
- End of Life
MODULE 11
- TS50701 Appendices and Guidance
- Legacy Equipment Systems
- Cyber Security Best practice for OT
Q&A Session
Discission around the following close yet, different relationships:
- Effective process for IT and OT
- Teamwork
- Resolving potential conflicts
- Data sharing
- Sum and way forward
- Test
when & where
08 - 09 Dec 2022
12 - 13 Dec 2022
On-site & in-house training
Deliver this course how you want, where you want, when you want – and save up to 40%! 8+ employees seeking training on the same topic?
Talk to us about an on-site/in-house & customised solution.
contact
Still have a question?
Sushil Kunwar
Training Consultant
+61 (0)2 9080 4395
training@informa.com.au