Cybersecurity Guidelines for Railway Employees

We are pleased to inform you that on 2 August 2021, the following information was posted on the Office of Railway Transport website (under the News tab), with reference to the Railway Research Institute's Issue 191 of "Problemy Kolejnictwa" (Railway Reports).:

Cybersecurity Guidelines for Railway Employees

Cybersecurity Guidelines for Railway Employees have been developed in the Information Sharing and Analysis Center ISAC-Kolej. The study is based on the document "Transport cybersecurity toolkit" prepared and published by the European Commission. The guidelines are available in the latest issue of "Problemy Kolejnictwa" (Railway Reports).

The guidelines describe in an accessible and synthetic way the four most important threats: malware, (distributed) denial of services (D)DoS, unauthorized access and theft malware, and software manipulation. The document also outlines good practices to minimise risk. Modern digital solutions are used both to support the activities of entities contributing to the railway system and to support the operation and supervision of railway operations. Therefore, the guidelines should be disseminated to the maximum possible extent among railway employees that use computers in their work.

ISAC-Kolej – Information Sharing and Analysis Centre ISAC was established as a result of an agreement between railway companies, the Railway Research Institute and NASK - National Research Institute. The main objective of ISAC - Kolej is a constant exchange of knowledge and experience in the field of cyber security incidents between the participating entities. The initiative also contributes to increasing the resistance to cyber threats of ICT systems used by the railway transport.

The guidelines are available free of charge in Issue no. 191 „Problemy Kolejnictwa” along with an article which briefly presents European and national activities carried out in order to protect railway transport against cyber threats.