Next generation protection in the digital age

Technology advancing at an ever-increasing pace and the transport industry continuing to make progress towards digitalisation brings many benefits for both operators and passengers. The rise of artificial intelligence (AI) and Machine Learning (ML) streamlines efficiency and improves revenue for operators, giving them the intelligence required to action proactive maintenance and improve service reliability for passengers. Advancements in connectivity services on-board mean that passengers, who often expect this service, can access infotainment and Wi-Fi throughout their journey, improving overall customer satisfaction.

Whilst this range of digital and often cloud-based services offer many advantages, more connected solutions potentially create opportunities for cyber-attacks, with criminals searching for vulnerabilities in the increased number of entry points onto a system. Due to this, it is more important than ever to implement a robust cyber-security system alongside other connectivity services to combat these vulnerabilities and reduce the risks that they introduce. Nomad Digital’s Security-as-a-Service (SECaaS) product ‘Secure’, within its wider ‘Protect’ solution, offers a comprehensive approach to cyber-security, going beyond a ‘software-only’ solution to aid in the detection and response to cyber-attacks.

Peace of mind with up to 24/7 support

Whilst any SECaaS offering can give operators security for their systems, these are only as effective as the support that accompanies them. The Nomad Secure offering allows operators to set a response Service Level Agreement (SLA) with Nomad Digital, allowing for up to 24-hour a day, 7 days a week, support coverage from their specialist Service Desk team. This around-the-clock support gives operators the peace of mind that any risk that is detected will be addressed promptly, minimising any potential damage and downtime. It also improves the security posture of operators, with breaches responded to and resolved promptly, meeting any relevant compliance requirements.

A robust system for the digital train

Nomad Secure works to protect data at every entry point into the operator’s system, ensuring that there are no vulnerabilities. The Intrusion Detection System (IDS) constantly monitors the Communications Controller Unit (CCU) that sits within the train for physical or remote attacks. This could be someone deliberately trying to access the CCU via a physical connection to the network or CCU itself. In the case that an interference is detected, real-time alerts allow Nomad’s Service Desk to warn the operator immediately, stopping a potential attacker before they can gain access to any of their systems and cause a breach. Nomad Secure also monitors the operator’s Customer Data Centre (CDC), constantly assessing for vulnerabilities whilst auditing and recording all access gained. This ensures that the correct access rights are given to those working on the system, with any suspicious or incorrect access being flagged and blocked by Nomad Secure.

Managing risk to ensure complete security

Monitoring risks and vulnerabilities within a system is important, but continued improvement of the security of a system cannot be made without comprehensive documentation and tracking of past incidents. Nomad’s Security Management Plan sets out responsibilities, policies and procedures to ensure that the correct planning is put into place. This provides key stakeholders with the required information to evidence compliance with industry advice or standards, as well as showing the effectiveness of the security controls in place to protect both the transport operator and the passengers. Nomad Digital also works with operators to provide vulnerability management. This is done by assessing vulnerabilities of both the external CDC and on-train interfaces to ensure that all entry points onto the system are secure. The findings are then collated into a report, with recommendations for operators on how they can improve their current security posture. This continued assessment of previous incidents and improvement in the security of the operator’s system greatly reduces the risk of a future breach.

Looking to the future

Nomad Digital is a leading provider of passenger and fleet management and monitoring solutions to the transport industry, and we are now able to combine our expertise with that of our parent company, Alstom, and leading technology services partners to strengthen security within the railway sector by delivering a Security Operations Centre (SOC) for Nomad Secure. The SOC will improve threat detection by constantly monitoring systems for suspicious activity, and identifying threats before they can cause significant damage to the operator. This system will also improve response times, with breaches being quickly and efficiently mitigated. Once released later in 2024, the SOC will be offered in conjunction with advanced analytical tools to provide a very high level of cyber-security oversight and resilience, strengthening the security posture of operators.

While digitalisation offers significant benefits to the rail industry, it also creates new cyber-security challenges. With an estimated $8 trillion lost to damage costs from cyber-crime in 2023, the risk must be taken seriously. Nomad Secure’s comprehensive approach goes beyond a traditional software solution, providing 24/7 support, intrusion detection and vulnerability management to give operators full security protection on all of their systems. By combining Nomad Digital’s expertise with Alstom’s resources, the upcoming Security Operations Centre (SOC) will further improve threat detection and response times, offering next generation cyber-security resilience for the digital age. This commitment to continuous improvement also ensures that operators have the peace of mind to focus on delivering a safe and reliable passenger experience.

To learn more about how you can utilise Nomad Secure to protect your fleet, please contact Nomad Digital at [email protected].