The 2024 ERA-ENISA Conference on Railway Cybersecurity seeks to strengthen sector preparedness and resilience against current threats
October 2024 by ENISA
The 2024 ERA-ENISA Conference on Cybersecurity in Railways, held in Lille on 2-3 October, successfully highlighted the ongoing collaboration between the European Union Agency for Railways (ERA) and the European Union Agency for Cybersecurity (ENISA) in addressing critical cybersecurity challenges within the railway sector.
Celebrating the 20th anniversary of both EU Agencies, the conference welcomed 150 experts, including high-level EU officials, to discuss the latest developments in railway cybersecurity.
The EU Agency for Railways Executive Director, Josef Doppelbauer, stated: “Railway users expect good quality of service with uncompromised safety and security – therefore, we need to protect the railway system also from cyber-attacks. Cybersecurity is crucial to operate an efficient railway system. We need to act in cooperation with ENISA, with the European Commission, and with the sector.”
EU Agency for Cybersecurity Executive Director, Juhan Lepassaar, stated that: “The latest ENISA threat landscape report revealed that transport is the second most targeted sector for this year. The recent emergence of cybersecurity attacks in railways, along with geopolitical tensions, indicate that it is crucial to prioritise cybersecurity to safeguard critical infrastructure. To this end, advanced cooperation and joint efforts are key to work proactively and stay ahead of evolving threats.”
Key discussions focused on the implementation of the NIS2 Directive, emphasising the regulatory framework and the need for protection against vulnerabilities within railway systems. Attendees shared insights on EU initiatives and the need to enhance cybersecurity awareness and skills among stakeholders. Additionally, panel discussions were complemented by a parallel workshop on human and organisational factors fostering a safety culture, as well as cybersecurity awareness raising games. A special thematic session on railway vehicles was held, examining technical aspects of railway security such as identified weaknesses and authority inspections.
The event has reinforced the commitment of both agencies to support the railway sector in navigating the complexities of cybersecurity while fostering a collaborative community aimed at safeguarding Europe’s rail networks.
About ERA
The European Union Agency for Railways was established in Valenciennes in 2004, and has 200 employees representing more than 22 European Member States.
ERA has been providing EU Member States and the European Commission with technical assistance in the development and implementation of the Single European Railway Area. This comprises enhancing technical interoperability and harmonising rules, promoting simplified access for customers, developing a common approach to safety and safety culture, advising on telematics applications and ERTMS (European Rail Traffic Management System), monitoring National Safety Authorities and Notified Bodies and facilitating the exchange of information between the railway actors in Europe.
Since 16th June 2019 the EU Agency for Railways is mandated to issue single safety certificates and vehicle (type) authorisations valid in multiple European countries and to ensure an interoperable European Rail Traffic Management System.