…Concepts and Levels of Security
IT security in public transport must be understood as a holistic and overarching task. For example, the industry standard IEC 62443 describes the consideration of cyber security concepts from different points of view: General, Policies and Procedures, System, Components. In addition, different areas require different levels of protection. Protection concepts and measures are then geared to the respective security level: An IP camera in a vehicle must be protected differently than the data of a payment system.
Cyber Security Challenges in Public Transport
Like many companies, most fleet operators and transport operators need to focus their resources on their core business. They have little expertise regarding cyber security and often no knowledge of IT standards. However, they need to ensure a network that has an adequate level of protection. In practice, implementing and ensuring protection measures is a challenge for many public transport operators.
The selection and implementation of methods and measures to protect a system depends on the application and its protection needs. The steps below provide an overview of practical measures to improve cyber security in public transit vehicles:
- Perform risk assessment: Identify and assess risks in terms of vulnerabilities, threats, attack scenarios and potential impact.
- Implement basic security measures: Access control, network segmentation, disabling unused interfaces, deploying firewalls, changing passwords.
- Secure communication and data: Use VPN and appropriate protocols to encrypt communication and data.
- Implement physical security measures: Block physical access to all components for unauthorized persons; monitor/control physical access.
- Define an action plan in advance: Define immediate actions, countermeasures, roles and responsibilities, ensure competency.
- Keep the system up to date at all times: Install software updates to address known vulnerabilities and security gaps.
- Train employees: on potential threats, protective measures, and preventive measures.
- Monitor: Monitor IT system regularly to identify deviations or security incidents; implement methods and tools to accomplish monitoring.
>> Read also: The Ethernet Switch & Cybersecurity
Subscribe to our monthly newsletter and stay tuned
Thanks for subscribing! We will be happy to keep you up to date, but first you need to confirm your email!
More Stories Like This:
IP cameras are widely used in public transport vehicles, enhancing onboard safety and security. ROQSTAR Ethernet switches seamlessly integrate with these cameras, ensuring optimal functionality and data transmission. However, IP cameras contribute...
Modern IP networks offer public transport authorities and operators an opportunity to overcome the limitations of traditional silo systems in their vehicles. This article highlights their advantages, key considerations for operators, and outlines...
Replacing analog technology in buses and trains with IP networks? This is a question that is currently occupying the minds of many public transport operators. We explain when is the best time to make the switch and what requirements must be met on...
Our products are fundamental for the digitalization in public transport. ROQSTAR M12 Ethernet Switches provide the network infrastructure for e-ticketing, passenger counting systems (PCS), dynamic passenger information (DPI) and closed-circuit television (CCTV).