Enhancing Cybersecurity in the Railway Industry:
|
Abstract
The railway industry is undergoing a significant transformation, as traditional physical signalling systems are increasingly replaced by computer-based control and communication networks. Previously signalling was done through physical signals placed along the railway infrastructure. This modernisation, which relies on IP protocols and wireless communication technologies, brings with it new vulnerabilities and cybersecurity challenges. In recent years, there has been a marked increase in cyberattacks targeting the railway sector, with numerous high-profile incidents involving denial of service and ransomware attacks. One key challenge faced by the industry is the vast geographical distribution of railway infrastructure, which includes both stationary equipment and a multitude of trains in motion. These systems, often legacy installations with limited security features, now communicate via networks and IP-based connections, potentially exposing them to cyber threats. This presentation will explore the current state of cybersecurity in the railway industry and discuss strategies for securing its large-scale infrastructure. It will highlight the unique challenges faced by the sector, identify potential vulnerabilities, and propose solutions for enhancing the overall security posture of railways worldwide. Speaker Bio: Chris is a cybersecurity expert with over 18 years’ experience in the Australian Defence Force, focusing on system administration, and cyber security. He has created custom security teams and programs, senior leadership mentoring training and technical solutions to multiple projects. He has spoken at a number of conferences and summits. He holds a graduate certificate in cybersecurity and has multiple GIAC certifications. He also teaches at both Monash and Sydney University for their Cyber Security Boot camps. Hugh has around 40 years experience covering the areas of software engineering, ICT, systems engineering, safety engineering and cybersecurity across the areas of Defence, telecommunications and transportation. He has written, presented and published a number of papers in the areas of systems engineering, safety and cybersecurity and is an accredited Independent Safety Assessor and has cybersecurity accreditation. Hugh’s more recent experience in Australia has been in the railway domain where he has rolled out cybersecurity in various projects. |