Monday, 5 February 2018

Ways for malware to attack railway systems

The Cyber Senate 3rd Annual Rail Cyber Security Summit is pleased to announce Israel Railways Ltd will be joining us as one of our Keynote Presenters on March 13/14th in London.

Israel Baron, CISO, Israel Railways Ltd., served for 9 years in the Israeli Ministry of Defense at the DSDE (Director of Security of the Defense Establishment) as a Technology & Information security officer and acted as the regulator of some of the biggest Israeli Defense Industries. In his current position at Israel Railways Ltd., Israel is responsible to build the tools, technologies and human resources to accomplish the cyber resilience for the Israel Railways systems and technologies.

Mr Baron will present Keynote Session "." 
  • Air gaped systems are secured, the big misconception.
  • Ways for malware to attack railway systems
  • Moving from the digital world to the physical world – ways and scenarios
  • Ways to mitigate those threats
  • Test cases from real life
Attendance at this year's event is capped and only 15 seats remain. Act now to avoid disappointment.
March 13th and 14th 2018 
3rd Annual 
Rail Cyber Security Summit
Marriott Regents Park Hotel London United Kingdom
Sponsored by Cylus, RazorSecure and Unisys

Co-Located with the Maritime Cyber Security Summit
Presenters include the following Thought Leaders, with more announcements to come!
  • Peter Van den Bossche, Infrabel, Information Security Officer
  • Geir Arild Engh-Hellesvik, NSB Group IT, Chief Information Security Officer
  • Natasha Maksymowski, Rail Cyber Security Advisor, Transport Security - Coordination and Operational Response (TS-COD), Department for Transport
  • Chris Johnson,University of Glasgow, Head of Computing Science
  • Russ Evans, Rail Industry Safety and Standards Board (Australia),General Manager National Rail Programs
  • Sergey Tverdyshev, certMILS project, Technical Leader of the certMILS project
  • Marc Antoni, International Union of Railways, Director of the Rail System Department
  • Chris Blask, US ICS ISAC, Chair, Global ICS Director, Unisys
  • Markus Heinrich, Technical University Darmstadt, Security Engineering Group of TU Darmstadt
  • Ken Munro, Pen Test Partners, Founder and Partner
  • Christian Schlehuber, DB Netz, Team Leader CyberSecurity OT
  • Robert Stroud, Adelard, Principal Consultant
  • Douglas Young, HS2, Asset Information Manager
  • Sonia Zahiroddiny, HS2, BIM Strategy Manager
  • Vish Kalsapura, Network Rail Digital Railway, Principal Engineer Digital Railway 
  • Colin Browne, Network Rail Digital Railway, Principal Architect, Cyber Security and New Technologies

For further information on speaking, sponsoring or attending, please contact or call +44 (0)207 096 1754

Tuesday, 12 December 2017

Cyber Security for the Digital Railway

Press release

12 December 2017
London Marriott Hotel Regents Park
Rail leaders to gather at London cyber security summit

Leaders from across the rail sector will gather in London in March 2018 for a conference exploring the cyber security threats to the industry and how they can be tackled.

Taking place at the London Marriott Hotel Regents Park on March 13th and 14th 2018, the event will discuss technical issues such as cybersecurity and safety, command and control system vulnerabilities, endpoint protection, third party risk and feature numerous case studies demonstrating how the rail sector is currently coping with evolving cyber threats.

It will also include discussions about how these issues can be managed at an operational level, such as how to develop a culture of awareness throughout the organisation, manage the cyber skills gap, developing more effective methods for effective public and private information sharing and what how cyber security threats may have an impact on security.

Key speakers will include:

·       Douglas Young, Asset Information Manager, HS2
·       Sonia Zahiroddiny, BIM Strategy Manager, HS2
·       Marc Antoni,  Director of the Rail System Department, International Union of Railways,
·       Dr Jan Collie, Principal & Senior Forensic investigator, Discovery Forensics
·       Francesco Di Maio, Head of Security Department, ENAV
·       Ken Munro, Founder and Partner, Pen Test Partners,
·       Christian Schlehuber, Team Leader CyberSecurity OT, DB Netz

Visit for the full speaking line up

Discussing the event, James Nesbitt, the founder of the Cyber Senate, which specialises in organising sector-specific events about all aspects of international cyber security, said: “The widespread use of digital technology opens up many opportunities to the rail sector – such as increased efficiencies, network optimisation, and improved asset visibility – however it also brings with it many threats, which require very careful management.
“The potential for improved performance and profits needs to be offset against the risk of breaches that have the potential to cause many millions of pounds of damage and lead to downtime that could prove catastrophic for rail networks and their passengers. And as the threat is constantly evolving, so too must the knowledge of those overseeing operational and IT security experts within the sector – something that this conference will help them to do.”
In addition to the 3rd Annual Rail Cyber Security Summit, Cyber Senate will also be hosting the Maritime Cyber Security conference – aimed at operational and security specialists in the maritime industry – at the same venue.

Where: March 13th & 14th March 2018
When: Marriot Regents Park Hotel, 128 King Henry’s Road, London, NW3 3ST
For more information, contact James Nesbitt on +44 (0)207 096 1754 or

Tuesday, 28 November 2017

Rail Cyber Security and Maritime Cyber Security

On 13/14th March 2018 in London the Cyber Senate will be hosting the 3rd annual Rail Cyber Security Summit and our inaugural Maritime Cyber Security Summit, both side by side at the Marriott Regents Park Hotel.

We are pleased to announce our Maritime speaking line up is nearly complete and our agenda is online! We are pleased to be working with MOL Group LNG, Adani Group, BE CYBER AWARE AT SEA, DP World Antwerp, PSA Antwerp and many more amazing Thought Leaders on this show.
Recently confirmed Rail Cyber Security Thought Leaders include Infrabel, HS2, Department for Transport, Deutsche Bahn, NSB Group IT, International Union of Railways, Discovery Forensics, Pen Test Partners and more including the US ICS ISAC.

Ticket upgrades are available for those who wish to have access to both rooms on the day. Early Bird tickets are currently advertised until sold out. 

We hope to see you next March!

The Cyber Senate is proud to announce the

3rd Annual 
Rail Cyber Security Summit

Co located with the
Maritime Cyber Security Summit
Both shows held side by side 13th and 14th March 2018!

2 days of top level engagement across two emerging sectors addressing evolving cyber threats in the 21st Century
Please visit the site to opt in to future email announcements.

Both events will be held at the Marriott Regents Park Hotel London

For further information on speaking, sponsoring or attending, please contact or call +44 (0)207 096 1754

Monday, 6 November 2017

3rd Annual Rail Cyber Security Summit London March 13/14th 2018

On March 13th and 14th 2018, the Cyber Senate Rail Cyber Security Summit returns to London United Kingdom to address the evolving cyber threats to global rail infrastructure.
Advanced digitisation widely deployed to increase enterprise efficiencies, network optimisation, enhanced asset visibility and increased shareholder value, has also created a proliferation of endpoint vulnerabilities throughout a legacy system historically isolated from such threats.
From passenger information systems to IT and OT converged architectures and the rapidly advancing deployment of the Internet of Things, the C suite now have a challenge on their hands that may increase profitability but also may prove to have severe consequences capable of effecting the ability to run and operate rail infrastructure safely.

Join us as we address change transformation, cybersecurity and safety, maturity models, governance and share technical case studies from front-line IT and OT leaders. Together we will discuss best practice in supply chain and third party risk, developing a culture of awareness, training and managing skills gaps. We will also look at the potential impact of insurance, how we are redefining procurement language, but most importantly, how the industry can better develop its response capability and leadership.

Learn more about the programme and who will be joining us at

Tuesday, 24 January 2017

How to hack a train, safely

On March 14th and 15th in London, Solutions Architect James McKenney of the CSX Corporation will be discussing "How to hack a train, Safely. Rail Cyber Risk, Testing Methodologies and Techniques," for the Cyber Senate 2nd Annual Rail Cyber Security Summit.

Mr McKenney states, "The rail environment has its share of anecdotes on cyber risk and rumors of cyber attacks. But really, can a cyber attack cause a safety issue? Can it truly disrupt rail operations? In this talk I discuss the program I developed and led over the summer which built a live environment of in-service locomotives, switches, crossings and signals for hackers to attack and explore eleven questions that keep coming up in rail; For example; Can a cyber attack cause a train to accelerate out of control? Can a cyber attack cause a train to miss a braking target? Can it cause a collision? To finally put the anecdotes to rest we built a program with real trains, engineers and missions to understand impact, and, if an adverse outcome was possible, what level of expertise would be needed to carry it out.

In the presentation I can’t discuss the actual results; but I can discuss how to frame the program, gain support, build and run the program. I also discuss the developed methodologies, techniques and lessons learned from attempting to achieve inherently unsafe outcomes."

The CSX Transportation network encompasses about 21,000 route miles of track in 23 states, the District of Columbia and the Canadian provinces of Ontario and Quebec. Their transportation network serves some of the largest population centers in the nation. Nearly two-thirds of Americans live within CSX’s service territory. The company’s rail and intermodal businesses serve major markets in the eastern United States and has access to over 70 ocean, river and lake port terminals along the Atlantic and Gulf Coasts, the Mississippi River, the Great Lakes and the St. Lawrence Seaway. The company also has access to Pacific ports through alliances with western railroads.
Additional Speakers include: Department for Transport, RSSB, SNCF, DB Netz, London Underground, Network Rail, NS Dutch Railways, Thales, The Go Ahead Group, ERTMS Users Group with special panellist contributions from Transport for London and leading transport cyber security subject matter experts from the US based AMC Cyber and panel moderation from the US ICS ISAC.
Final seating is now being allocated

2nd Annual 
Rail Cyber Security Summit 

London England
14th & 15th March 2017
Millennium Gloucester Hotel

Lead Co Sponsors Thales
Associate Sponsors Waterfall Securities
Exhibitors LightCyber

Media Partners include:
AMC Cyber, CCI, Infosecurity Magazine, Webster University's Cyberpspace Research Institute, ICS ISAC

Exclusive hotel rates are available for a limited time at the Millennium Gloucester Hotel

Sponsorship and delegate information contact
or call + 44 (0)207 096 1754 

2016 sold out with representatives from the Rail Operators, Government, Cyber Security Solution providers and industry leading consultants and integrators.    

Asset Information and Data Management for Smart Rail June 14/15th London
Call for Papers contact
The Cyber Senate is a division of Sagacity-Media Ltd 
Registration number Companies House 
08753316, England & Wales

Friday, 6 January 2017

Department for Transport Head of Cyber Security provides Keynote on Rail Cyber Security Summit in London

Key Note Presentation Achieving Cyber Security – The Government’s Role in Partnership with Industry
On March 14th and 15th in London the Cyber Senate will host its 2nd Annual Rail Cyber Security Summit, addressing cyber risk, safety and threats to rail infrastructure globally. 
With key presenters and panellists from DFT, TFL, London Underground, Network Rail, ICS ISAC, SNCF, DB Netz, Thales, RSSB, NS Dutch Railways, the Go Ahead Group, Acalvio Technologies, Power Standards Lab and many more, the Summit will provide a unique opportunity for asset owners and cyber subject matters to convene and create actionable dialogue.

"Transport in Europe provides for the movement needs of over 700 million people and associated freight." And that is just Europe. The Keynote Presentation, provided by Stephen Cummins, Head of Rail Cyber Security, DFT, United Kingdom, participants will have the unique opportunity to hear first hand about the "The Government’s Role in Partnership with Industry." 
Taking place at 9:10am - 9:50am Mar 14 at the Millennium Gloucester Hotel in London, this is your opportunity to hear how Government and industry are working together to achieve this and what more needs to be done. 
Details ° Cyber remains one of the top threats to the UK’s economic and national security. Like much of the UK’s national infrastructure, the transport sector is a potential target for cyber attack. ° The National Cyber Security Strategy for 2016-21 sets out an ambitious approach to achieve security in cyber space. This is based on defending people and businesses, deterring adversaries and developing skills and capabilities. ° The Government can’t do this alone – citizens, business and organisations have a part to play. This is particularly true for the rail sector, where several organisations are involved in the operation of a safe, secure and reliable railway network. ° The Government wants this network to be secured against cyber attacks and to gain assurance that necessary action is being taken to identify, manage and mitigate cyber risks.     

The Department for Transport Head of Cyber Security will also contribute to the Cyber Senate panel session including Network Rail and RSSB on "Government and Industry- Creating a Culture of Awareness." Panellists will answer questions such as: 
° How are industry and Government working together to create a culture of awareness? 
° What is working best for you in your area of responsibility?
° What is the one change you would make if you had no limits to improve awareness of cyber security?

Furthermore, industry leaders including the DFT will also contribute to 
Securing IOT and IIOT - Playing Catch-Up in the 21st Century
5:20pm - 5:50pm Mar 14

How can we ensure IOT and IIOT security and integrity? 
° Are we seeing any standardisation in the manufacturing process i.e. building devices on an agreed upon open
° Are we seeing IT security incorporating safety into their threat modeling?
° Is IT consulting with OT on how to do so?
° How can we facilitate the required convergence more effectively?

Cyber Security and Safety- Ensuring operational integrity
2:30pm - 3:00pm Mar 15

° Understanding the interdependencies between safety and security
° How do we integrate these functions?
° Do we speak the same language?
° Should we develop a translation mechanism or agree on a common terminology?
° What are the impacts of human factors

Powered by Bizzabo

Tuesday, 29 November 2016

Train hacking, safety and cyber security and IOT security discussed at 2nd Annual Rail Cyber Summit

Advanced connectivity and the digitisation of future rail systems will provide greater levels of efficiency and optimisation, reduce carbon footprints and deliver greater value to asset owners, shareholders and passengers. However the integration and implementation of ERTMS, ETCS and CBTC systems, the connected interdependence of the next generation rail eco system introduces new vulnerabilities to infrastructure historically isolated from cyber attacks. The proliferation of machine to machine sensors, the Internet of Things and the convergence of IT and Operation Technologies – two very different disciplines, has extended the attack surface dramatically. From insider threats to malware to the manipulation of electromagnetic interferences, the industry has a new challenge to ensure the safety and reliability of the UK and European rail transport sector.  "Transport in Europe provides for the movement needs of over 700 million people and associated freight." Join the Cyber Senate on March 14th and 15th in London for an in-depth discussion on the current and future threat, how the industry is responding , the absolute importance of “Security by Design,” the challenges that bridging IT and OT bring in deploying enterprise facing architecture and how to further develop a culture of awareness. 
Powered by Bizzabo