Cybersecurity

Building a framework.

We combine rail operational best practices with cybersecurity state-of-the-art technology, forming a multi-level rail cybersecurity plan in a logic of Protect, Detect and Respond.

Protect: install specific protection measures to prevent and discourage cyber-attacks.
Detect: establish mechanisms to rapidly identify actual or suspected cyber-attacks.
Respond: undertake appropriate action in response to confirmed security incidents to achieve business continuity or disaster recovery.

Resilience and recovery.

Identifying all the critical assets and components to be protected in a rail transport application is a lengthy process, and it is becoming ever more complex and costly to harden every system aspect against all types of cyber threat.

We adopt a smart and adaptive approach with the aim of improving system resilience – defined as a system’s ability to recover or regenerate its performance after a degradation caused by a successful cybersecurity attack.

Centre of excellence.

To give substance to our wide range of skills and expertise, we recently opened the Egis Cyber Master Security Operations Centre (SOC) in Mumbai, India, in association with our partner Cylus.

This new entity includes SOC facilities, unique and innovating technologies, and experts to provide tailored IT and OT network cybersecurity managed services to our rail customers worldwide.

Full lifecycle scope.

Our services encompass the whole rail project lifecycle, addressing both the high and detailed level of rail cybersecurity needs. We support our customers with services ranging from simple periodic risk assessments to the use of a managed detection and response (MDR) service with 24/7 monitoring of their IT and OT networks.

Intelligence and monitoring.

The SOC supports an extensive list of security devices and systems, and is integrated with market leading OT monitoring technology CylusOne. Our security monitoring experts are able to analyse incidents, deal with false positives, and respond appropriately to critical events. Combined with a dedicated Rail Threat & Vulnerability Intelligence lab, we provide intelligence services that go way beyond publicly available Indicators of Compromise (IOC).

On-site, off-site.

We offer our clients on-site SOC building and management of in-house MDR services. Alternatively, they have the cost-effective option of remote MDR services provided by our master SOC.
We provide access to a dedicated team of Rail & cybersecurity experts equipped with a state-of-the-art rail cyber technology to detect, analyse and respond to advanced threats in real time.

World-leading certification.

We aim to offer our clients best-in-class expertise benefitting from official recognition. Our security monitoring experts are qualified GIAC-Certified Intrusion Analysts (GCIA) and GIAC-Certified Forensic Analysts (GFIA), while our SOC and technology are certified by and aligned with ISO27001 / 9001, IEC62443 , EN50155 and with the upcoming TS50701 standard.

Cybersecurity

Protecting essential operations.

Our key areas of expertise.

Our key achievements.

Our approach.

Building a framework.

Resilience and recovery.

Centre of excellence.

How we help.

Full lifecycle scope.

Intelligence and monitoring.

On-site, off-site.

World-leading certification.

Our sector leaders.

Related projects.

Related news & insights.