The conference attracted 120 participants, who provided a very good cross-sector representation of European Railways, including IMs, RUs, IT expertise, and Security.
A total of 30 participants provided a completed feedback form. This 25% response rate (1 in 4) is very good compared with common reports, which suggest an average of around 10% in such circumstances, with 20% considered good. We can therefore be confident that we have a reasonable sample of opinion and experience. Reported ratings use a scale of 1-6.
Event logistics (questions 1 to 3) were rated very highly, with no negative comments. The venue and overall arrangements were very positively appreciated by all.
| Event Logistics | score 6 | score 5 | score 4 | average |
|---|---|---|---|---|
| Q1. Overall management and logistics | 18 | 10 | 2 | 5.53 |
| Q2. The venue and facilities | 11 | 17 | 2 | 5.30 |
| Q3. Hospitality and meals etc. | 15 | 13 | 2 | 5.43 |
Programme, Speakers and Presentations
Respondents showed a high appreciation of speakers and programme overall.
| Programme, Speakers and Presentations | score 6 | score 5 | score 4 | average |
|---|---|---|---|---|
| Q4. Content and relevance of presentations. | 6 | 16 | 8 | 4.93 |
| Q5. Quality of speakers overall. | 5 | 18 | 7 | 4.93 |
| Q6. Satisfaction with overall programme. | 7 | 16 | 7 | 5.00 |
Appreciation of Good and Useful Speakers
Many speakers were identified (Q7) as particularly “good” speakers, and respondents also rated (Q8) how “useful” the presentations were, from a personal and professional perspective (useful to me and my work).
It was noted that not all “good” speakers were also marked as “useful” speakers.
Results showed a consistent preference for practical presentations (“how to”, cases, regulations, practical advice, actions of interest).
Some of the presentations rated as less useful (Q9) at a practical level were nonetheless very interesting in providing participants with wider perspectives on cyber security issues.
It is worth bearing in mind that every speaker was identified as positive and useful for a section of the audience, and so a message for future events may be about having a good mix to ensure coverage.
Areas for Future Coverage
Participants were asked about coverage of topics not yet well covered in the railway community, and/or needing coverage in the future (Q10/Q13).
The main stated topics were:
- Practical cybersecurity solutions.
- Business continuity management.
- Threat and risk management.
- Science and research.
- Practical arrangements for exchange of cyber info (ISAC).
- Examples of Cyber security / Practical cases.
- European Rationale.
- Practical "how to" for cybersecurity in Railways.
- Securing messaging between service operators.
- Strategic plans.
- Technical security aspects.
- Implementation of security measures.
- Interoperability in Rail.
- Practical SCADA.
- IoT in Transport.
- ERTMS evolution.
- IT Regulations.
- Industry who will build systems.
In confirmation of the earlier emphasis on practical aspects (what to do), the statements here were also highly focused on practical matters.
One respondent summed it up by stating “Examples of how Rail addresses Cyber Security were good, but we need more of these”.
As well as asking for more on Cybersecurity in detail (how to), there is emphasis on a range of both related and unrelated issues. It may therefore be possible to move away from a single themed conference to provide a range of topics of interest in future (mix).
Hit Rail Contribution
The Hit Rail contribution was very positively appreciated, including the good organisation of discussions on cyber security, coordination of railway actors to ensure involvement, and the provision of good speakers and moderation. There is a good expectation that Hit Rail might continue to support exchange of experience and learning between members of the European rail community in this manner.
Interests of Participants
The participants were asked why cyber security was of particular interest to them (Q12).
This produced a variety of statements that emphasise the range of challenges facing people close to the practical side of railway IT. Participants stated, “I am”:
- A digital Rail Specialist facing cyber security concerns.
- Implementing cybersecurity.
- Addressing cross-border and complex interconnectivity security issues.
- Working as architect for security solutions.
- Addressing cybersecurity governance.
- Running a security operations centre.
- Developing resilience to attack.
- Seeking trusted suppliers.
- Setting up a cybersecurity framework.
- Conducting risk assessment.
- Developing Risk Policy.
- Working in standardisation for cybersecurity.
- Reviewing risk in cybersecurity.
- Working on functional safety.
- Developing security for a new train.
- Responsible for IT Security and focusing on cybersecurity.
- Providing Rail IT.
- Working in risk management.
- Managing cybersecurity into rolling stock (old and new).
- Advising railways on IT and security.
- Working on research in cybersecurity.
This range of personal and company interests emphasises how cybersecurity is cross-cutting and raises concerns for professionals in many areas.
Support for a coordinating body for cyber security such as an EURail-ISAC
Concerning the ISAC question, and following the various presentations covering legal aspects, examples of other ISACs, and various perspectives on collaboration/sharing, 16 of 25 respondents said Yes (= 64%) and agreed to cooperate in an ISAC.
Only three stated No (= 12%) and one of these said it was not within his job remit.
Therefore, there appears to be good support for coordination of sharing around cybersecurity, but it is also the case that not all participants are able to confirm their organisational orientation. Work will have to be done to better engage CISOs and other company actors who are closer to the question of exchange of experience and events concerning cybersecurity.
“CyberSecurity4Rail” Railway Industry Conference - Brussels 4th October 2017
- Welcome and overview: “Co-operation is essential in the quest to manage technology and people for security”
- Cyber security – don’t be a victim: “Information is power and control of information has unexpected consequences”
- The regulators’ view on cyber security: “Multi-modal transport requires data exchange and interconnection”
- Security in the SERA – policy considerations: “The need for common understanding, guidelines and best practices”
- The Network and Information Security Directive (NIS Directive): “A host of European actions in cyber security”
- The railway sector perspective on cyber security: “Integrated approach to security and safety without duplication”
- How airlines protect against cyber-attack: “Adversaries are not systems, but people who are smart and who pursue goals”
- Secure networks for collaborative services: “Networks are the risk – meshed networks provide a segmented and secure response”
- First panel discussion: “Product liability, staff training & awareness, information sharing in both safety and security…”
- Cyber security and resilience of transport infrastructure: “Current European initiatives in cyber security supporting Rail”
- Perspectives from a European railway operator: “Trains as data centres – protecting train IT as a cyber-crime target”
- Lessons learned from EU projects SECRET and CYRAIL: “Rail as critical infrastructure requires strong projects to protect it”
- Perspectives of a railway infrastructure manager: “Extensive premises, public accessibility – DB managing security risks”
- The telecommunications view: “Risk management depends on agility”
- The IT provider view: “Understand vulnerability and develop avoidance and mitigation strategies”
- Second panel discussion: “The need for co-ordinated action”
- Closing keynote address: “Achieving an EURail-ISAC, without replication or over-regulation….”
- The Way Forward: “Establishing a European Railway ISAC based on a common understanding”
- Annexe - Conference Evaluation Summary – Consensus