The 2024 ERA-ENISA Conference on Railway Cybersecurity seeks to strengthen sector preparedness and resilience against current threats

Back to News

Amidst emerging technology advancements and evolving security challenges in the sector, the fourth edition of the conference aims to explore the railway cybersecurity threats landscape.

The 2024 ERA-ENISA Conference on Cybersecurity in Railways, held in Lille on 2-3 October, successfully highlighted the ongoing collaboration between the European Union Agency for Railways (ERA) and the European Union Agency for Cybersecurity (ENISA) in addressing critical cybersecurity challenges within the railway sector.  

Celebrating the 20th anniversary of both EU Agencies, the conference welcomed 150 experts, including high-level EU officials, to discuss the latest developments in railway cybersecurity. 

The EU Agency for Railways Executive Director, Josef Doppelbauer, stated: “Railway users expect good quality of service with uncompromised safety and security – therefore, we need to protect the railway system also from cyber-attacks. Cybersecurity is crucial to operate an efficient railway system. We need to act in cooperation with ENISA, with the European Commission, and with the sector.” 

The EU Agency for Cybersecurity Executive Director, Juhan Lepassaar, stated: “The latest ENISA threat landscape report revealed that transport is the second most targeted sector for this year. The recent emergence of cybersecurity attacks in railways, along with geopolitical tensions, indicate that it is crucial to prioritise cybersecurity to safeguard critical infrastructure. To this end, advanced cooperation and joint efforts are key to work proactively and stay ahead of evolving threats.” 

Key discussions focused on the implementation of the NIS2 Directive, emphasising the regulatory framework and the need for protection against vulnerabilities within railway systems. Attendees shared insights on EU initiatives and the need to enhance cybersecurity awareness and skills among stakeholders. Additionally, panel discussions were complemented by a parallel workshop on human and organisational factors fostering a safety culture, as well as cybersecurity awareness raising games. A special thematic session on railway vehicles was held, examining technical aspects of railway security such as identified weaknesses and authority inspections. 

The event has reinforced the commitment of both agencies to support the railway sector in navigating the complexities of cybersecurity while fostering a collaborative community aimed at safeguarding Europe’s rail networks.  

About ERA 

The European Union Agency for Railways was established in Valenciennes in 2004, and has 200 employees representing more than 22 European Member States.  

ERA has been providing EU Member States and the European Commission with technical assistance in the development and implementation of the Single European Railway Area. This comprises enhancing technical interoperability and harmonising rules, promoting simplified access for customers, developing a common approach to safety and safety culture, advising on telematics applications and ERTMS (European Rail Traffic Management System), monitoring National Safety Authorities and Notified Bodies and facilitating the exchange of information between the railway actors in Europe.  

Since 16th June 2019 the EU Agency for Railways is mandated to issue single safety certificates and vehicle (type) authorisations valid in multiple European countries and to ensure an interoperable European Rail Traffic Management System. 

About ENISA 

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.  

Established in 2004 and strengthened by the EU Cybersecurity Act, the European Union Agency for Cybersecurity contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow.  

Through knowledge sharing, capacity building and awareness raising, the Agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the Union’s infrastructure, and, ultimately, to keep Europe’s society and citizens digitally secure. 

Further Information 

4th ERA-ENISA Conference on Cybersecurity in Railways — ENISA (europa.eu) 

Railway Cybersecurity - Good Practices in Cyber Risk Management — ENISA (europa.eu) 

Cybersecurity in Railways Conference: Key Takeaways — ENISA (europa.eu) 

Zoning and Conduits for Railways — ENISA (europa.eu) 

European Union Agency for Railways Moving Europe towards a sustainable and safe railway system without frontiers. (europa.eu) 

Contact 

For questions related to the press and interviews, please contact  

press(at)enisa.europa.eu / press(at)era.europa.eu