Transportation systems are critical infrastructures, so they need a holistic approach to protect both physical/virtual assets and resources, combining a unique security framework with the multiple aspects of security. Hitachi Rail STS has established an Information Security Management Systems process (ISMS) in accordance with the international standards (ISO 27000, IEC 62443 and NIST-800). It shall be aimed to minimize risks related to misuse of data and abuse of confidential information by authorized/unauthorized personnel having malicious intents, exposing passengers and personnel to risk of damages and/or impacting the continuity of operations.
The purpose of this presentation is to describe the cybersecurity activities that will be performed by Hitachi Rail STS, subcontractors and external contractors throughout the project life-cycle phases, in order to ensure that the Rail System will achieve an acceptable security level.
1. Assess cybersecurity identified threats and understand how to reduce related risks
2. Define the Information Security Management Systems process (ISMS)
3. Examine the Information Security Management Systems process (ISMS) and how it minimizes risks
4. Determine how a rail system will achieve an acceptable security level when using the ISMS process