Independent Security Assessment (Cyber)

Understand your cyber security risks and resilience capabilities, and ensure you meet industry, legal and regulatory standards.

Assess your digital resilience

The rail industry is becoming increasingly digital. This leads to more exposure to vulnerabilities and cyber security breaches. 

Current trends in the rail sector suggests cyber-attacks on railways are doubling annually. These attacks are not only targeting core IT systems, but operational systems and connected rail hardware that can result in substantial financial, operational and reputational losses as well as significant safety risks. 

Railway operators, maintainers and suppliers should demonstrate their resilience to emerging threats through independent cyber security assessments and cyber security monitoring.

An Independent Security Assessment (Cyber) from Ricardo will evaluate the robustness of your mitigations relating to your IT systems and infrastructure, and help you to better understand your risk profile. The scope of the assessment extends across processes, governance and physical assets, as well as your organisation's interactions with customers, staff and external entities.

Digitalsec Rail

Projects

Shutterstock 38555770 Sbeijingcyber

Rail cyber security training and consultancy

Read case study
Shutterstock 1334089148 Cut

Cyber security uplift project for rail organisation

Read case study
Sunny Bay Station

Cyber risk assessment for new Hong Kong signalling system

Read case study

Reduce your risk with Ricardo's Independent Security Assessment (Cyber)

Ricardo’s team of rail cyber security experts will perform a in-depth assessment of your risks against industry and global standards including  IEC 62443 (the global standard for the security of Industrial Control System networks) and TS50701.

Our assessment, tailored specifically to your organisation, considers not only the general characteristics of the rail industry but also the unique aspects of your rai systems, including open and accessible environments. 

Your organisation will gain a clear understanding of which risks are currently mitigated. The assessment will identify risks and non-conformities, including those posed by non-malicious actors. Our experts will provide proportionate guidance along with appropriate protective measures to address the risks identified.

 

 

 

Choosing Ricardo as your partner

Safety runs deep in Ricardo’s DNA  
This safety expertise coupled with Ricardo’s cyber security specialism – Ricardo’s experts are unique in having cyber security expertise with extensive experience and capability across the rail industry.

Collaborative independence
Ricardo offers Independent Security Assessment (Cyber) as well as engineering cyber security systems engineering services to enhance the robustness of systems leading up to certification.

An industry voice
Ricardo’s experts contribute to industry committees and working groups, you gain access to the latest techniques and best practice.

The scope of assessment reaches beyond IT systems and deep into railway infrastructure:

Shutterstock 1575982816

Signalling systems

Cyber security attacks on the most safety critical railway systems create immediate safety risks to passengers and railway workers, the most significant of which could result in collisions or derailments

CAHSR Train Sizednolabel

Rolling stock

The increased scope of train-board TCMS creates vehicle-based vulnerabilities that hinder smooth vehicle operations, creating delays and service interruptions.

Shutterstock 1094473442

Stations

Station focussed attacks typically target communication systems, evaluation controls, escalators and lighting which pose an immediate public safety risk.

Shutterstock 217841458 Cybercontrolcentre

Operational control centres

Hackers that seek to create significant impact to passenger safety, attack operational control centres to interrupt data flows and remote communications between stations, drivers and passengers.

Why undertake a cyber security assessment?

Protecting rail users and supply chain
Cyber incidents expose rail users and the rail supply chain to significant risks, including, in the worst-case scenario, loss of life. Demonstrate your commitment to safety and the protection of your supply chain by proactively assessing and addressing current and emerging threats to ensure resilience.

Data loss and business interruption
Secure your personal, business, and financial data while protecting against operational and financial losses. Safeguard your organisation from temporary shutdowns due to system corruption by proactively assessing potential risks, reducing the likelihood of disruption and sensitive data breaches.

Protect your reputation
A cyber incident could have significant safety, financial, legal and reputational implications for your organisation. By investing in an independent cyber security assessment, you are reducing your exposure to cyber incidents and protecting reputational risks.

Compliance with local / international standards and legislation
When supplying systems to operators, you’re committing to the highest possible safety and security standards. Provide independent assurance to your government / operator end-client through the provision of independent security assessments, to demonstrate compliance the expected standards. 

Cyber Security

Why choose Ricardo Certification

Rctimage2

Efficiency and collaboration

We use bespoke tools and processes that reduce administration, minimise delays and prevent cost overruns.

Koreaolypics2

International network

We will bring best practice and techniques honed from performing assessments throughout the world.

Uktrackworks2023shaded

Rail domain specialists

Rail systems experts will be responsible for preparing all outputs and will provide constructive feedback throughout the process.

Office2202

An industry voice

Many of our assessors are contributors to the Working Groups and industry forums that define technical standards and assessment criteria.

Independent Security Assessment (Cyber) Resources

Ricardo to prepare feasibility study for net zero rail commuter services in Adelaide, South Australia

Read article

Ricardo partners with railway AI technology specialists, Cordel Group

Read article

Ricardo forms Strategic Alliance with MxV Rail

Read article

Opportunities and challenges in sharing digital twins

Read article

Meet the experts

Tony Gao Headshot

Tony Gao

Global Independent Security Assessment (Cyber) Lead

View bio

Related markets

Contact us for your assessment