1、 0 RAILWAY CYBERSECURITY Good practices in cyber risk management NOVEMBER 2021 RAILWAY CYBERSECURITY November 2021 1 ABOUT ENISA The European Union Agency for Cybersecurity,ENISA,is the Unions agency dedicated to achieving a high common level of cybersecurity across Europe.Established in 2004 and st

2、rengthened by the EU Cybersecurity Act,the European Union Agency for Cybersecurity contributes to EU cyber policy,enhances the trustworthiness of ICT products,services and processes with cybersecurity certification schemes,cooperates with Member States and EU bodies,and helps Europe prepare for the

3、cyber challenges of tomorrow.Through knowledge sharing,capacity building and awareness raising,the Agency works together with its key stakeholders to strengthen trust in the connected economy,to boost resilience of the Unions infrastructure,and,ultimately,to keep Europes society and citizens digital

4、ly secure.More information about ENISA and its work can be found here:www.enisa.europa.eu.CONTACT To contact the authors,please use resilienceenisa.europa.eu For media enquiries about this paper,please use pressenisa.europa.eu.AUTHORS Theocharidou Marianthi,Stanic Zoran,ENISA De Mauroy Louise,Lebain

5、 Loc,Haddad Jules,Wavestone.ACKNOWLEDGEMENTS We would like to warmly thank all the experts that took part in our workshops and provided comments.Their contributions and inputs were essential for the creation of this report.ENISA would like to thank the European Railway Agency(ERA),the European Railw

6、ay Information Sharing and Analysis Centre(ER-ISAC)and UNIFEs cybersecurity working group for their support.Andersson Johan A.,Tranfikverket Boff Sacha,Banenor Bos Stoffel,Prorail Boss John,Prorail Brouwer Riemer,Prorail Cabral Pereira Mrio Jorge,Infraestruturas de Portugal Chatelet Thomas,ERA Cianc