The European Union Agency for Cybersecurity (ENISA) released in November 2020 its “Cybersecurity in Railways” report to raise awareness about the cybersecurity challenges facing Europe’s railways. The report identifies the current cybersecurity status and challenges as well as proposes cybersecurity measures to combat these challenges and enhance the sector’s security posture. The report is based on data gathered over the last two years from the operators of essential rail services in 21 EU Member States.
The EU railway landscape
The railway sector is a critical infrastructure for the development of the European Union and its member states since it enables the transportation of goods and passengers within countries and across borders. The key entities for the provision of these services are:
- The railway undertakings (RU), who are responsible for the transport of goods and passengers by rail.
- The infrastructure managers (IM), who are responsible for the establishment, operation and maintenance of railway infrastructure including traffic management, command, control and signaling, station operation and train power supply.