Security

Security analysis with a safety flavour.

Do you have a sufficiently secure system today? Will the system be safe in the future? Actually, no one who comprehends these questions can answer yes to both. However, as a train operator or railway infrastructure owner, it is essential that you assess the security of your operations.

At Cactus Rail, we work highly dedicated in this area in order to offer our customers a secure solution for their industrial control systems.

 

Building a secure platform

As a first step in a continuous security work, we offer our customers a security analysis.

The security analysis is based on your current system and how it interacts with its environment. In this in-depth assessment, your system is methodically and thoroughly analysed to identify weaknesses and opportunities for improvement.

The result is a concrete action plan with priorities and security measures.

 

Clear guidelines and instructions

To protect the systems, clear guidelines and instructions are needed on how the work should be carried out.

Different workplaces, their function and equipment, and – not least – password policies often need to be clarified. This is particularly important since the desire to integrate information from the supervisory systems with the rest of the operation is increasing from year to year. Ongoing security updates are needed regarding the status of networks and firewalls for the computer equipment, whereby controls are carried out and logs are registered.

 

Together, we are the experts

Cactus Rail has more than 20 years’ experience in railway control – and together with our customers we know what features and processes are the most critical.

We also know the demands placed on the IT architecture surrounding the systems. Cactus Rail can therefore be responsible for providing customers with knowledge about the relevant requirements and guidelines from various institutes and organizations (ENISA, NIST, etc.).

The security analysis starts with a theoretical review of the security, requirements and guidelines that are present in the current situation. It is based on a list that the Swedish Civil Contingencies Agency has developed. The security analysis is generic and is applicable to any system from any supplier.

 

In an ecosystem with different equipment of various ages from different vendors which is also geographically scattered. IT security must be a priority – otherwise each component pose a risk.

The security analysis starts with a theoretical review of the security, requirements and guidelines that are present in the current situation. It is based on a list that the Swedish Civil Contingencies Agency has developed. The security analysis is generic and is applicable to any system from any supplier.