Cyber incident response planning is enabling you to create a plan to react and respond to cybersecurity incidents once identified in your signaling and control networks.
No matter how much care you take in protecting your signaling and control systems, it is always possible that unwanted intrusions might compromise them. It is especially true in railway environments, where most networks involve legacy systems and protocols designed to operate for decades, introducing additional vulnerabilities over the years. In addition, external threats are increasing in number and sophistication, therefore, requiring a robust strategy for determining the appropriate response planning.
We offer to assist you with developing your cyber response plan to your rail operational environment. The first phase of our methodology is to build incident response policies and procedures. Then, we identify and determine the different stakeholders within the response process, and set their corresponding roles and responsibilities at the different response phases.
Once the roles and responsibilities are established, we define the communication channels between the different parties within your organization. This includes establishing a reporting procedure for an identified alert, setting the procedures, and implementing the technologies for containing an event and eliminating its immediate threat.