On November 11, 2024, over 100 industry professionals converged at a conference organized by Northern, held in London, to tackle the pressing issue of cyber resilience within the rail sector. This gathering aimed to strengthen strategies against ever-evolving cyber threats, reinforcing the importance of proactive measures to protect the extensive digital infrastructure of the rail network.
The keynote speech was delivered by Mark Philips, CEO of the Rail Safety & Standards Board (RSSB). Philips emphasized the urgency of preparedness, urging attendees to shift their mindset: “Don’t plan for if, plan for when,” he stated, highlighting the fact that, in the digital age, cyber threats are not merely possibilities but certainties.
Joining Philips on the panel were notable figures like George Bearfield, Director of Health, Safety, and Cyber Security at Rock Rail, and Tom Wild, Project Engineering Manager at Eversholt Rail UK Ltd. Together, they shared invaluable insights and experienced-based strategies aimed at securing the rail infrastructure from various cyber risks.
Arinder Badyal, Head of Information Security at Transport UK and also the Chair of the Rail Information Exchange, echoed the sentiments of urgency and precaution. “Do something now, do not wait for a cyber incident,” he warned, calling for constant vigilance and readiness to combat potential threats to the rail network.
A focal point of the conference was the presentation by George Copeland, Northern’s Digital Programme Manager, who outlined the operator’s comprehensive cyber resilience strategy. This strategy, encapsulated by the steps of identification, protection, detection, response, and recovery, is crafted to safeguard over 360 digital trains and 36,000 digital assets, laying the foundation for operational security amid increasing digital interconnectivity.
The event, significantly supported by Angel Trains, brought together various stakeholders passionate about enhancing rail cybersecurity through shared knowledge and collaboration. Marc Silverwood, Northern’s On-Board Systems Manager, emphasized this aspect well: “Sharing really is caring when it comes to industry best practice.”
The atmosphere at the conference was charged with enthusiasm and determination, with attendees discussing the collaborative efforts necessary to advance cyber resilience across the entire rail system. Alex Cowan, CEO of RazorSecure, reflected on the event, stating, “The event was a great opportunity to engage in detailed discussions with train operators and share key cyber security insights—even highlighting how our collective efforts are protecting their fleets.”
Speakers like Sash Rigby from Modux, Martin Shaw from Icomera, and Stephen Carroll from Marlborough House Partners contributed to the vibrant dialogue surrounding this relevant topic. Through their collective knowledge and experiences, they reinforced the notion of community and cooperation as pivotal tools for combatting cybersecurity threats.
Looking forward, Northern envisions this conference as a recurring event, one which will not only provide networking opportunities but also will help develop potential future initiatives based on the feedback it gathers—from assessing demands to identifying pivotal areas of interest among industry participants.
This event lays the groundwork for continued efforts to improve cyber resilience within the rail sector, as professionals recognize the significance of combatting vulnerabilities pressed upon them by advancing technology and increasing digitalization. The conversation surrounding cyber resilience will likely remain at the forefront of the industry as participants take actionable steps to secure their digital environments.
This collaborative spirit shines through as the rail sector rallies together, adapting to the realities of modern cyber threats, proving once again how the industry can unite to stay one step ahead of adversaries.
