• en
Menu

Company

Commitments

Sustainable mobility

Sustainable Procurement

Health and safety

Environmental footprint

Local communities

Diversity & Inclusion

Ethics

Innovation at Alstom

Key figures

Corporate governance

Strategy

Solutions

Components

Cybersecurity

Cybersecurity vulnerability management

Digital mobility

Infrastructure

Rolling stock

Healthier Mobility™

Services

Signalling

Turnkey

Newsroom

Press releases and news

Press enquiries

Finance

Financial & Share information

Financial calendar

Financial results

Consensus

Investors presentations

Shareholders

Shareholders' meetings

Regulated information

Careers

Talk to us

Job search

The Alstom Experience

Your career at Alstom

Students & Graduates

Alstom University

Candidate data privacy

Follow us on

Leading the way to greener and smarter mobility, worldwide.

Our ambition is to accompany all transportation stakeholders in meeting tomorrow’s mobility challenges. We strive to provide them with the most efficient and digital mobility systems, while further improving the environmental friendliness of our solutions. 

Smart innovation for sustainable mobility

Follow us on

A comprehensive portfolio of mobility solutions

We offer a complete range of equipment and services, from high-speed trains, metros, trams and e-buses to integrated systems, customised services, infrastructure, signalling and digital mobility solutions.

Discover our solutions

Follow us on

Newsroom

Find the latest Alstom press releases and news, press kits, your regional press contacts and more!

Enter the newsroom

Follow us on

The one stop shop for all relevant information for investors and shareholders

Access our financial & share information, our financial calendar and results, regulated information, shareholders' meetings and investors' contacts & presentations.

See more

Follow us on

You know we make trains move. Discover how we move the world.

At Alstom, we value curious and innovative people who are passionate about working together to reinvent mobility, making it smarter and more sustainable. We are building an agile, inclusive, and responsible culture, where diverse people are offered opportunities to learn, grow and advance in their careers, with options across functions and geographies.

Learn more

Rail cybersecurity: The flipside of digitalisation

Press releases and news 20 Sep 2022

Rail cybersecurity: The flipside of digitalisation

The importance of an effective cybersecurity strategy cannot be overstated in today’s digital rail sector to run a secure and sustainable mobility system.

As rail networks digitalise, risk exposure increases, reinforcing the need for a robust strategy to secure information, infrastructure and rolling stock. This requires adapted levels of cybersecurity by manufacturers and operators, compliant with security standards and with a comprehensive approach for new and legacy systems.

Eddy_Thesee_VP_Cybersecurity_Alstom
Eddy Thésée, VP Cybersecurity at Alstom

With a background in Mathematics, telecommunication and information technology, Eddy Thésée joined the railway signalling business 20 years ago in Alstom. After several positions in Information technology, methods and tools, and continuous improvement, he is leading the Cybersecurity for Alstom covering the products, solutions and services portfolio.

Besides waking up every morning to secure mobility for millions of people, chances are you will find Eddy at the stadium cheering on his favourite football or basketball teams. 

Connect with Eddy on LinkedIn

There are three core uses of digitalisation in rail and each brings with it inherent cybersecurity risks.

  • Firstly, command and control systems are at the forefront of digitalisation and are designed to regulate signalling and ensure safety.
  • Rail traffic and operations, which focus on maximising efficiencies and safeguarding timetable adherence, are increasingly reliant on sensors, software, electronic communications assets and connected devices that require secure connections and data protection.
  • Finally, there is the passenger facing applications, which relies heavily on secured interaction with central systems.

Cybersecurity pressure points

Digitalisation provides a wide scope of benefits across all three of these core operations,  their interdependence on each other is critical to ensuring smooth operations. No one branch of the business can operate independently, nor can its cyber strategy operate in isolation.

Automationheavily reliant on software, is an obvious example of increasingly digitalised operation that has significant implications for cybersecurity.

Alstom’s innovative signalling solutions are helping to revolutionise railway communications, by reducing trackside objects and making available more intelligence and functions into each train. Equipment that is retained trackside is now also “smarter” and more technologically advanced.

Digitalisation is also paving the way for more predictive maintenance, allowing software to identify faulty or failing equipment before it fails. This reduces the need for maintenance work, allowing maintenance staff to be redeployed to other areas of operation with staffing needs.

Infographic Cybersecurity 1120x630
Smart security for cybersecurity whitepaper

Whitepaper: Cybersecurity - for safe and secure mobility
Video cover ATO page

Autonomous mobility: The future of rail is automated

All these innovations, however, need to work hand-in-glove with cybersecurity strategies that protect data, software, connectivity, and the hardware that processes and manages it. More digitisation means more digital components and interconnections between systems, bringing with them more possible areas of exposure. In short, the “attack surface” is larger and potentially more exposed.

Cybersecure from the inside and outside

Alstom firmly believes that cybersecurity should be placed at the heart of a railway company’s culture of excellence. This involves not only developing cybersecurity expertise but aligning cybersecurity and rail operations teams. Training and development of a cybersecurity culture, compliant with the industry standards and regulations, creates a firm and common ground.

Besides being heavily involved in their definition and deployment, we address the entire cybersecurity lifecycle from the inside and outside by meeting the highest industry standards for information security, ISO 27001, international cybersecurity standard for industrial control systems, IEC 62443 as well as the specific railway standard: TS50701.

Managing the risks for new and legacy systems

Designs for all new Alstom projects prioritise cybersecurity alongside traditional engineering and safety considerations. All Alstom product development is undertaken on a "secure by design" basis, starting with a comprehensive risk analysis and an architecture framework that is heavily focused on integrating cybersecurity.

All systems developed, deployed, and maintained by the company are equipped with protection defined to safeguard operations against cyber threats. This includes implementing systems with design features that provide operators with the flexibility to make relatively easy and affordable modifications in line with future security needs. Railway operators must deal with a combination of new and legacy systems. It’s vital that these assets are included in a comprehensive cybersecurity strategy to minimise risk – both now and in the future.

The challenges are not insignificant: a poor design that does not guard against evolving cyber threats can compromise the safety and operational response of entire networks. The need for cybersecurity to be a day one consideration in the development of any new project is therefore stark. Cyber threats are constantly evolving – and so too should strategies to deal with those threats.

Smart security for cybersecurity whitepaper

Cybersecurity: for safe & secure mobility
Digital Mobility

Whitepaper: Digitalisation of Mobility