Cybersecurity Guidelines for the Employees of the Railway Entities

Abstract

European Commission has published a nearly 50-page-long document on cybersecurity in transport called the Transport cybersecurity toolkit. As part of the work of ISAC-Kolej (the Information Sharing and Analysis Center for the railway trans-port sub-sector), guidelines in terms of cybersecurity for the employees of the railway entities have been developed and adopted. This article briefly discusses the European and Polish activities taken in order to protect railway transport against cyberthreats and shares the guidelines for employees adopted by ISAC-Kolej. Considering the increasingly widespread use of digital solutions, both for supporting operations of the business entities that constitute the railway system and for rail-way traffic management and supervision, these guidelines should be disseminated to the maximum possible extent among railway employees that use computers in their work. Keywords: information systems (IT), operational systems (OT), cybersecurity