Network Rail may soon be bracing itself for an onslaught of cyber attacks as it steps up efforts to increase its reliance on technology over the next three to five years.
The UK operator is undertaking a massive overhaul of its current network, which is said to include a fibre optic IP network, traffic management control system, mobile apps and temperature sensors across the length of its 23,000 miles of track.
One of the key challenges ahead will be the rail network’s reliance on its supply chain. Having recently rolled out an iOS application that enables 8,500 staff to track key information such as their work activities, another dimension of managing cyber security risks – mobile security – needs to be considered.
The head of Cyber Security, Peter Gibbons, has indicated that this upgrade requires a major rethink of its cyber security strategy.
Despite covering many of the measures normally associated with information security, cyber security really only addresses the security of digital information. Information security is a broader approach that addresses the security of information in all forms and covers paper documents, physical security and human error as well as the handling of digital data.
In order to achieve an effective cyber security posture, organisations must realise that hardware and software solutions alone are not enough to protect them from cyber threats and that a broader information security approach is needed. The three fundamental domains of effective information security are people, process and technology.
ISO27001 is the internationally recognised best-practice Standard that lays out the requirements of an Information Security Management System (ISMS) and forms the backbone of every intelligent cyber security risk management strategy.
IT Governance offers a fixed-price Fast Track™ ISO27001 implementation service to companies that wish to achieve certification within four months.