Key government agencies and industry experts join the Cyber Senate Rail Cybersecurity USA conference in Arlington Virginia on May 12/13th 2022 to address new directives and provide additional guidance to the US rail industry.
The convergence of IT and operational technology, coupled with the integration of often untested, uncertified third-party applications and devices across transport infrastructure has extended the attack surface exponentially in a sector historically safeguarded by strict regulatory safety protocols. The surface transportation sector has entered a new age of digitisation, requiring a clear organisational process, preparedness, visibility of assets and supply chain weaknesses, and a robust response strategy to advanced persistent threats.
DHS’s Transportation Security Administration announced on December 2, 2021, two new Security Directives in response to the ongoing cybersecurity threat to surface transportation systems and associated infrastructure. These directives and additional guidance are steps being taken to in response to the ongoing cybersecurity threat to surface transportation systems.
Organisers Cyber Senate, welcome the TSA’s Assistant Administrator for the Department of Homeland Security Transportation Security Administration Surface Operations, Security Operations, Mrs Sonya Proctor, who will join the conference to address how the rail sector can create a comprehensive approach to risk management across the surface modes.
The conference is also supported by the US Critical Infrastructure Security Agency, represented by Benjamin Gilbert, Cybersecurity Advisor, Region III, presenting the top threats and insight into those actors, how to better mitigate supply chain vulnerabilities and why the sector should be concerned.
Further intelligence will be provided by key industry leaders such as Kyle Malo, Sr. Director, Cybersecurity and CISO, Washington Metropolitan Area Transit Authority, who is responsible for leading the cybersecurity strategy and execution for the nation’s second-busiest transit system. Before joining WMATA, Mr Malo served for nine years in the Federal Bureau of Investigation’s (FBI), culminating as CISO, where he led enterprise, global, efforts to secure national security information – enabling the FBI’s domestic intelligence and law enforcement missions. Mr Malo will address supply chain security best practices and the growing need for partnerships to ensure resilience.
Rick Peters, CISO, Operational Technology North America for Fortinet, will further educate the sector by highlighting the essentials required to keep systems on track to maintain safe, available, and secure services. Mr Peters brings more than 37 years of cybersecurity and global partnering experience, having worked across foreign, domestic, and commercial industry sectors at the National Security Agency (NSA).
Cyber Senate will also include European rail Subject Matter Experts to help the US sector benchmark their maturity. Christian Schlehuber, Convenor of CENELEC TC 9X/WG 26, Cybershield Consulting joins the group and is one of the leading Cybersecurity experts for Railway Systems in Europe. He worked several years for Deutsche Bahn in the areas of Security Engineering and NIS Directive. Currently, he is the Convenor of CENELEC TC 9X/WG 26 and is responsible for the development of TS 50701 (Railway Applications – CyberSecurity). He is also working with ER-ISAC and ENISA.
Serge Benoliel, Head of Product and Solution Cybersecurity Governance and Expertise, Alstom will be present to further elaborate on European models and standards, as the secretary of the CENELEC working group which issued the TS 50701 dedicated to railway cybersecurity, and presently acts as the leader of Shift2Rail Cybersecurity Technical Demonstrator TD2.11.
With key input from US and European stakeholders, Cyber Senate are pleased to be at the forefront of information sharing initiatives for the rail infrastructure sector in 2022. Having pioneered the Rail Cybersecurity Europe forum in London United Kingdom in 2014, the group remains at the forefront of peer-to-peer networking for the critical infrastructure sector.
Interested parties can learn more at the 2nd Annual Rail Cybersecurity USA show on May 12/13th in Arlington VA, or in the UK for European specific engagement at the 7th annual Rail Cybersecurity Europe/UK conference on March 15/16th.