European Commission Hosts First Transport Cybersecurity Conference
Transport, like many other areas of society, is becoming increasingly digital. As a result, cybersecurity is one of the main challenges for the sector.
The European Commission has responded to this by teaming up with the European Union Agency for Network and Information Security (ENISA), the European Union Aviation Safety Agency (EASA), the European Maritime Safety Agency (EMSA) and the EU Agency for Railways (ERA). Together, they hosted the 1st Transport Cybersecurity Conference in Lisbon, Portugal, on 23 January 2019.
Importantly, participants agreed they had to share information. To increase their resilience to cybersecurity threats, they also have to share best practices, they said.
Key Points of the Cybersecurity Conference
Cyber-attacks pose a serious and potentially fatal threat. European transport systems must show resilience.
Participants said it was important to look at the human element as well as addressing internet-connected systems. This requires co-operation between technical and operational levels.
So far the EU Directive on Security of Network and Information Systems provides a solid foundation to increase cybersecurity and resilience in transport.
There are non-regulatory actions industry members are and should be taking. These include exchanging information, building capabilities, raising awareness and developing cyber skills. All these aspects should contribute to a cybersecurity culture.
Furthermore, it is vital to work closely with international partners and organisations because transport is both global and interconnected.
The conference also highlighted how important it is for DG MOVE, DG CONNECT, ENISA, EASA, EMSA and ERA to work together on cybersecurity in transport.
These organisations are considering the following actions:
To follow the NIS Directive closely. Cybersecurity must be a regular agenda item during meetings of the Land Transport Security Expert Group (LANDSEC) for example. The European Union will encourage sectoral initiatives that are stated in the Cybersecurity Act. Furthermore, there must be sharing of ideas through meetings and workshops dedicated to the topic. This will bring experts from different transport modes together.
Importantly, DG MOVE will support the development of a cybersecurity toolkit. This will give transport staff training and knowledge on good cybersecurity.
Finally, cyber-dialogues with third countries must continue, as must c0-operation with international organisations.