Secure Tracks: Rail Tech Security Conversations
By Cylus
Secure Tracks: Rail Tech Security Conversations May 22, 2023
From Segmentation to SOC: a Multilayered Approach to Cybersecurity in Rail Operations
In this episode of Secure Tracks, Roark Pollock sits down with Manvendra Singh from the National Capital Region Transport Corporation (NCRTC). From the foundational steps of network segmentation to the sophisticated implementation of SOC, listeners are guided through a comprehensive, multilayered approach to cybersecurity. The discussion emphasizes the importance of integrating IT and OT to protect against vulnerabilities and ensure the safety and reliability of rail operations.
Claves para gestionar la ciberseguridad en la intersección de IT y OT
En este episodio de Secure Tracks, Omar Benjumea conversa con Esther Mateo, Directora General de Seguridad, Procesos y Sistemas Corporativos en Adif, sobre la convergencia de IT (Tecnología de la Información) y OT (Tecnología Operacional) en ciberseguridad. Esther comparte su trayectoria hacia la ciberseguridad, comenzando con una pasión por la tecnología desde una edad temprana y llevándola hasta su significativo rol en Adif. La discusión abarca los desafíos de integrar la ciberseguridad en las tecnologías operacionales, especialmente en el sector ferroviario, enfatizando la importancia de los proyectos transversales, el cambio cultural dentro de las organizaciones y la gestión de incidentes de ciberseguridad a través de los entornos de IT y OT.
English description:
Esther Mateo's Insights on Leading Cybersecurity Management at the Intersection of IT and OT
In this episode of Secure Tracks, Omar Benjumea talks with Esther Mateo, General Director of Security, Processes, and Corporate Systems at Adif, about the convergence of IT and OT in cybersecurity. Esther shares her journey into cybersecurity, starting with a passion for technology from a young age and leading up to her significant role at Adif. The discussion covers the challenges of integrating cybersecurity in operational technologies, especially in the railway sector, emphasizing the importance of cross-functional projects, cultural change within organizations, and managing cybersecurity incidents across IT and OT environments.
Defending Our Crown Jewels: Rail Cybersecurity in the Age of Industry 4.0
In this episode of Secure Tracks, join host Roark Pollock as he engages in an insightful conversation with Susan Howard. Together, they delve deep into safeguarding light rail's most critical systems, often called the "crown jewels." From tunnel ventilation to traction power and beyond, they unravel the evolving challenges and strategies for fortifying these vital components against the ever-growing specter of cyber threats. Discover insights, anecdotes, and expert advice that illuminate the path toward ensuring the resilience and security of the operational rail technologies of Industry 4.0.
Defendiendo el futuro: La ciberseguridad en ciclos de vida ferroviarios
Únase al presentador Omar Benjumea mientras charla con Francisco Lázaro Anguis, CISO y DPO de RENFE, en el primer episodio en español de Secure Tracks. Explore el complejo desafío de proteger los sistemas ferroviarios a largo plazo. Descubra cómo la ciberseguridad se vuelve parte integral del diseño, las pruebas y el mantenimiento ferroviario, garantizando la resiliencia contra las amenazas que pueden evolucionar durante las próximas tres décadas. Descubra el delicado equilibrio entre seguridad y "safety" en el complejo mundo de las operaciones de tecnología ferroviaria.
English description:
Decades Defended: Embedding Cybersecurity to a 30-Year Rail Lifecycle
Join guest host Omar Benjumea as he sits down with Francisco Lázaro Anguis, CISO and DPO of RENFE, in Secure Tracks's first Spanish episode. Explore the intricate challenge of securing railway systems for the long haul. Discover how cybersecurity becomes integral to rail design, testing, and maintenance, ensuring resilience against evolving threats over three decades. Uncover the delicate balance between safety and security in the complex world of rail tech
Cybersecurity in Rail Operations: A CISO's Triumphs, Challenges, and Lessons Learned
In this episode of the Secure Tracks Podcast, Joel Waugh, the CISO at the Washington Metropolitan Area Transit Authority (WMATA), shares insights into navigating the unique challenges of cybersecurity in rail operations. Emphasizing the shift in priorities compared to federal government protocols, Waugh highlights the importance of identifying critical systems, prioritizing cyber hygiene, and fostering a culture of communication and collaboration.
Collaborative Defenses: Strengthening Rail Cybersecurity Together
Launching the second season of the Secure Tracks Podcast, our guest is Colonel Alok Shankar Pandey from DFCCIL. Join Roark Pollock and Pandey as they explore the crucial domain of rail cybersecurity, discussing the essential requirement for collaborative defenses. From information sharing and technological integration to global standards and collaboration, Pandey uncovers the efforts underway to protect operational rail tech systems from evolving cyber threats.
Wireless Waves of Risk: Challenges & Controversies
In this bonus episode of the Secure Tracks podcast, host Roark Pollock sits down with Yaniv Mallet, the lead cybersecurity architect at Cylus. They delve into the recent attacks on the Polish rail network and explore the implications of such incidents on rail cybersecurity and safety. Yaniv, drawing from his extensive background in the military and cybersecurity, provides valuable insights into the challenges and potential mitigations for these threats.
Rails & Resilience: the Convergence of Safety and Cybersecurity
Eddy Thesee, VP of Products and Solutions Cybersecurity, Alstom, delves into the critical relationship between safety and security in the rail industry. Thesee discusses how safety has been the cornerstone of rail operations but highlights the emerging need to consider cybersecurity as a vital aspect of protecting rail tech environments from increasing cyber threats. Drawing parallels with safety practices, he and host Roark Pollock explore how cybersecurity is now becoming an integral part of the industry's DNA through standardization, skill development, and product advancements.
Navigating the Intersection of Rail Operations & Cybersecurity in the Age of Digitalization
Join Christoffer Neesen, Senior Manager of OT Security at Deutsche Bahn, as he delves into the critical issue of managing the intersection of rail operations and cybersecurity in the age of digitalization. Neesen highlights the importance of organizational change when implementing effective cybersecurity practices within the railway industry and emphasizes the need for a holistic approach.
Cyber Resilience on Track: Integrating Cybersecurity in Rolling Stock Design
Hitachi Rail's Global Head of Digital Trains, Bruno Corasolla, explores cybersecurity's crucial role in the evolving world of rolling stock design. Addressing cyber threats has become paramount as digital systems increasingly integrate into rail operations. Bruno discusses the drivers behind this shift, the evolving regulatory landscape, and rail integrators' challenges.
Securing the Tracks: The Career Journey of a Rail Industry CISO
In this Secure Tracks episode, we sit down with Bill Heinrich, a highly experienced professional in IT and cybersecurity within the rail industry. With over two decades of experience at prominent rail companies like Amtrak, BNSF Railway, and Union Pacific Railroad, Bill brings a wealth of knowledge to the table. In this episode, we explore the fascinating career journey of a rail industry Chief Information Security Officer (CISO) and discuss the implementation of cybersecurity programs for operational rail tech environments.
Lessons in Rail CISO Leadership: Learning from Mistakes & Building Resilience
Shaofei Huang, a seasoned CISO in the rail industry, shares his insights on the complex world of cybersecurity in rail. Huang sheds light on the unique challenges CISOs face in operational technology environments and highlights the need for prioritization and understanding of consequences. Pollock and Huang discuss the increasing threat landscape, with targeted attacks on transportation networks and railways becoming more prevalent.
Digitalization in Operational Rail Technology Networks
In the first episode of Secure Tracks, Roark Pollock speaks with Dr. Mark Grant, a renowned rail cybersecurity leader who worked at CSX for 17 years, serving as the Chief Information Security Officer for 8 years. Mark discusses the three waves of digitalization in the rail industry and the impact of the most recent wave on operational rail technologies. The conversation touches upon government views and actions, including the recent TSA Security Directives and the upcoming rulemaking process.
Introducing Secure Tracks
The Secure Tracks podcast brings together cybersecurity experts from the rail industry to share their insights and expertise on managing risk and cybersecurity challenges unique to the rail industry. Hosted by Roark Pollock, each episode features one or two industry experts for a 30-45 minute conversation.