Implementing Cybersecurity Measures in Transport Organisation

  • Silvana Tomić Rotim University of Applied Sciences Velika Gorica
Keywords: critical infrastructure, Cybersecurity Regulation, ISO 27032, Risk Management, Business Continuity


The Article describes the phases of implementing the necessary measures according to Cybersecurity Regulation for critical infrastructure and ISO 27032 standard. As a base for identification of the necessary measures in transport organization the risk assessment has been done. The Risk Management Methodology has been described as well as the results of the risk assessment. The main aspects of risk treatment with the most suitable measures for Cyber risks are identified. Also as very important aspect of protecting critical transport infrastructure we have identified the critical services and prepared business continuity plans. The main steps and results in providing the acceptable level of availability and opportunities for continuity are presented and explained.


EU Directive (2016): European Union Parliament and the Council, the Directive (EU) 2016/1148 concerning measures for high common level of security of network and information systems across the Union, 6 July 2016.

Goud, N. (2017): Most Dangerous Cyber Security Threats of 2017,

ISO/IEC (2012), ISO/IEC 27032 Information technology – Security techniques – Guidelines for Cybersecurity

ISO/IEC (2013), ISO/IEC 27001 Information technology – Security techniques – Information security management systems – Requirements

Milne, A. (2017): Hacking the railway, The European Rail Supply Industry Association,

National Strategy for Cybersecurity, 7 October 2015. (NN108/2015)

Tomić Rotim, S. (2019): The contemporary technological aspects of Cybersecurity: restrictions and opportunities posed by modern technology, 12th International Scientific and Professional Conference “Crisis Management Days”, Conference Proceedings, Šibenik, 2019.

UNIFE (2019): Vision Paper on Digitalization Digital Trends in the Rail Sector,, published: 15 April 2019.

How to Cite
Tomić Rotim, S. (2020). Implementing Cybersecurity Measures in Transport Organisation. Annals of Disaster Risk Sciences, 3(1).