In Global Railway Review Issue 04 2022, Dimitri van Zantvliet, Chief Information Security Officer and Joseph Mager, Deputy Chief Information Security Officer at NS (Dutch Railways), explored how the rail sector can maintain resilience in an evolving cyber threat landscape.
In a world in turmoil, we need to keep calm and stay on track
It is time to give more traction to railway cyber‑resilience.
When the COVID-19 pandemic struck, it became evident how vital public transport was for the logistics of medical personnel to their hospitals. One of the many downsides of COVID-19 was that most commuters had to work from home or took a car to work and stopped using public transport all together. Most railway organisations had to cut costs, change focus to necessary operations only and facilitate remote work to their employees. On top of the pandemic came the horrible war in Ukraine. Many railways in the area were directly or indirectly affected and worries arose for cyber spill-over effects throughout Europe. In the same time period, the ransomware business rose to one‑billion-dollar turnover and the amount of zero‑days increased with 200 per cent. How do we as railway undertakers and infrastructure managers deal with such a volatile threat landscape? How can we find the right balance between resilience and firefighting mode? How do we make sure that increasing digitalisation is not opening up new risk areas? The answer is that we need to learn and find out together in close collaboration within the sector. We are confident that this is possible.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertising & Targeting".
This cookie is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Necessary".
This cookie is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Performance".
This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
This session cookie is served by our membership/subscription system and controls whether you are able to see content which is only available to logged in users.
Performance cookies are includes cookies that deliver enhanced functionalities of the website, such as caching. These cookies do not store any personal information.
This cookie is set by Cloudflare content delivery network and, in conjunction with the cookie 'cf_use_ob', is used to determine whether it should continue serving “Always Online” until the cookie expires.
This cookie is set by Cloudflare content delivery network and is used to determine whether it should continue serving “Always Online” until the cookie expires.
This session cookie is served by our membership/subscription system and controls which types of content you are able to access.
This cookie is set by Litespeed Server and allows the server to store settings to help improve performance of the site.
This cookie is served by the Swapcard app/website to detect and store the user’s language.
This cookie is set by OneSignal push notifications and is used for storing user preferences in connection with their notification permission status.
This cookie is set by Youtube and is used to track the views of embedded videos.
Analytics cookies collect information about your use of the content, and in combination with previously collected information, are used to measure, understand, and report on your usage of this website.
This cookie is set by LinkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
This cookie is set by YouTube and registers a unique ID for tracking users based on their geographical location
This cookie is set by LinkedIn and is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
This cookie is set by LinkedIn and used for routing.
This cookie is set by LinkedIn share Buttons and ad tags.
This cookie is served by the Swapcard event app/website and uniquely identifies the user’s session.
This cookie is served by the Swapcard app/website and uniquely identifies the user.
We embed videos from our official Vimeo channel. When you press play, Vimeo will drop third party cookies to enable the video to play and to see how long a viewer has watched the video. This cookie does not track individuals.
This cookie is set by Spotler and tracks an anonymous visitor ID.
This cookie is set by Spotler and enables it to track the Load Balance Session Queue.
This cookie is set by Spotler to track the Internet Information Services (IIS) session state.
This cookie is set by Spotler and stores the UTM values for the session. UTM values are specific text strings that are appended to URLs that allow Communigator to track the URLs and the UTM values when they get clicked on.
This cookie is set by Google Analytics and is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. It stores information anonymously and assign a randomly generated number to identify unique visitors.
This cookies is set by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites.
This cookie is set by Google Analytics and is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
Advertising and targeting cookies help us provide our visitors with relevant ads and marketing campaigns.
This cookie is set by Advanced Ads and measures the browser width.
This cookie is set by Advanced Ads and measures the number of previous page impressions.
This cookie is set by Advanced Ads and sets geo-location, user role and user capabilities. It is used by cache busting in Advanced Ads Pro when the appropriate visitor conditions are used.
This cookie is set by Advanced Ads and sets the referrer URL.
This cookie is a browser ID cookie set by LinkedIn share Buttons and ad tags.
This cookie is set by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
This cookie is set by LinkedIn and is used for tracking.
This cookie is set by Linkedin and is used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
This cookie is set by YouTube. Used to track the information of the embedded YouTube videos on a website.