Skip to main content

European data security agency focuses on public transportation cyber security

In the light of the trend towards smart cities, the European Union Agency for Network and Information Security (ENISA) has released a report on smart cities and their intelligent public transportation (IPT) systems. The report, Cyber Security and Resilience of Intelligent Public Transport, focuses on the protection of the assets critical to IPT in the context of smart cities. These assets are considered critical as they contribute to the normal operation of local public transport networks, including metr
February 15, 2016 Read time: 2 mins
In the light of the trend towards smart cities, the European Union Agency for Network and Information Security (ENISA) has released a report on smart cities and their intelligent public transportation (IPT) systems.

The report, Cyber Security and Resilience of Intelligent Public Transport, focuses on the protection of the assets critical to IPT in the context of smart cities. These assets are considered critical as they contribute to the normal operation of local public transport networks, including metro, buses, light rail and other modes of mass public transport found in smart cities.

It also gives an overview of the existing security measures, or good practice, that could be deployed to protect critical assets and ensure security of the IPT system, based on a survey and interviews of experts from the sector, municipalities, operators, manufacturers and policy makers.

The report makes recommendations for the European Commission (EU) and its member states, IPT operators and manufacturers of IPT systems, including:

The EU and its member states should promote an EU-wide public/private collaboration on IPT cyber security and facilitate the development of a common EU approach to IPT security, including the development of harmonised standards.

IPT operators should integrate cyber security, its strategy and risk management into their corporate governance and routinely re-evaluate their cyber security processes.

Manufacturers of IPT systems should develop products/solutions that match the cyber security requirements of IPT end-users, collaborate in the development of IPT-specific standards and apply them to IPT solutions and develop a trusted information sharing platform.
boombox1
boombox2