Implementing Cybersecurity Measures in Transport Organisation
- Critical Infrastructure
- Cybersecurity Regulation
- ISO 27032
- Risk Management
- Business Continuity
This article describes the phases of implementing the measures required by the Cybersecurity Regulation for critical infrastructure and the ISO 27032 standard. A risk assessment was carried out as the basis for identifying the necessary measures in a transport organisation. The risk management methodology is described, along with the results of the risk assessment. The main aspects of risk treatment are identified, together with the most suitable measures for cyber risks. As a very important aspect of protecting critical transport infrastructure, we have also identified the critical services and prepared business continuity plans. The main steps and results in providing an acceptable level of availability and opportunities for continuity are presented and explained.