Independent cyber security assessment

Understand your cyber security risks and digital resilience, and ensure you meet industry, legal and regulatory standards with an independent cyber security assessment.

Assess your cyber security risks and evaluate your digital resilience

The rail industry is becoming increasingly digital. This leads to more exposure to vulnerabilities and cyber security breaches. 

Current trends in the rail sector suggests cyber-attacks on railways are doubling annually. These attacks are not only targeting core IT systems, but operational systems and connected rail hardware that results in substantial financial, service, and reputational losses as well as significant safety risks. 

Do not wait until you detect a compromise or need to respond to a cyber incident. Railway Operators, maintainers and suppliers must demonstrate its resilience to emerging threats through independent cyber security assessments and cyber security monitoring.

An independent security assessment (cyber) evaluates the robustness of your mitigations relating to your IT systems and infrastructure. It encompasses an organisation's processes, governance and physical assets, as well as its interactions with customers, staff and external entities.

Ricardo’s team of rail cyber security experts will perform a in-depth assessment of your risks against industry and global standards including  IEC 62443 (the global standard for the security of Industrial Control System networks) and TS50701.

Our assessment, tailored specifically to your organisation, considers not only the general characteristics of the rail industry but also the unique aspects of your rai systems, including open and accessible environments. 

Your organisation will gain a clear understanding of which risks are currently mitigated. The assessment will identify risks and non-conformities, including those posed by non-malicious actors. Our experts will provide proportionate guidance along with appropriate protective measures to address the risks identified.

Protecting rail users and supply chain
Cyber incidents expose rail users and the rail supply chain to significant risks, including, in the worst-case scenario, loss of life. Demonstrate your commitment to safety and the protection of your supply chain by proactively assessing and addressing current and emerging threats to ensure resilience.


Data loss and business interruption
Secure your personal, business, and financial data while protecting against operational and financial losses. Safeguard your organisation from temporary shutdowns due to system corruption by proactively assessing potential risks, reducing the likelihood of disruption and sensitive data breaches.

 

Protect your reputation
A cyber incident could have significant safety, financial, legal and reputational implications for your organisation. By investing in an independent cyber security assessment, you are reducing your exposure to cyber incidents and protecting reputational risks. 


Compliance with local / international standards and legislation
When supplying systems to operators, you’re committing to the highest possible safety and security standards. Provide independent assurance to your government / operator end-client through the provision of independent security assessments, to demonstrate compliance the expected standards. 

Safety runs deep in Ricardo’s DNA  
This safety expertise coupled with Ricardo’s cyber security specialism – Ricardo’s experts are unique in having cyber security expertise with extensive experience and capability across the rail industry.

Collaborative independence
Ricardo offers independent security assessment (Cyber) as well as engineering cyber security systems engineering services to enhance the robustness of systems leading up to certification.

An industry voice
Ricardo’s experts contribute to industry committees and working groups, you gain access to the latest techniques and best practice.

Shutterstock 217841458

The scope of independent cyber security assessment reaches far beyond that of IT systems, deep into railway infrastructure:

Shutterstock 1575982816

Signalling systems

Cyber Security attacks on the most safety critical railway systems create immediate safety risks to passengers and railway workers, the most significant of which could result in collisions or derailments

CAHSR Train Sizednolabel

Rolling stock

The increased scope of train-board TCMS creates vehicle-based vulnerabilities that hinder smooth vehicle operations, creating delays and service interruptions.

Shutterstock 1094473442

Stations

Station focussed attacks typically target communication systems, evaluation controls, escalators and lighting which pose an immediate public safety risk.

Shutterstock 2485791579

Operational control centres

Hackers that seek to create significant impact to passenger safety, attack operational control centres to interrupt data flows and remote communications between stations, drivers and passengers.

Independent cyber security assessment

Markets

This service is offered within the following sectors.

Projects

Aventra

Aventra Vehicle Digital Risk Assessment

Read case study
Ricardo Appointed To Support Transformation Of The Greater Toronto Rail Network

Metrolinx safety assessment

Read case study
Queensland Istock 1150856512 B

Queensland Rail ETCS Safety Assessment

Read case study

Independent cyber security assessment Resources

British Consul-General visits Ricardo team in Adelaide

Read article

NoBo, DeBo and testing services for new ICE3neo (Velaro MS) for Siemens Mobility

Read article

Ricardo’s first certification in Belgium: the FLIRT international commuter train

Read article

The trouble with cross-border rail in Europe

Read RQ

Contact us for your assessment