Digital Risk Assessment

Digital Risk Assessment

What is a digital risk assessment?

As digital technology plays an increasingly prominent role in day-to-day rail operations, so the industry must prove itself ever-more resilient to emerging threats.

Cyber security, with its focus on the protection of IT systems and infrastructure, is only part of the equation.

Digital resilience looks beyond IT processes and encompasses an organisation's processes, governance and physical assets, as well as its interactions with customers, staff and the outside world.

In-depth, rail-focused risk assessments

Applying an approach that combines any existing Cyber Security Management Plan, IEC 62443 (global standard for the security of Industrial Control System networks) and global best practice from the rail industry, our teams of rail domain experts and cyber security specialists will perform a thorough assessment of your current risk status

Most importantly, rather than following a generic industry approach, our digital risk assessments are designed to accommodate the unique characteristics of the rail industry - such as its open and accessible environments - and take into account the full range of potential threat sources, including those from non-malicious actors.

At the end of the process, you will be presented with a detailed, impact-led appraisal of the cyber-risks faced across your operations, prepared with a rail 'mindset' and accompanied by guidance on proportionate mitigation measures and recommended next-steps.

Benefits of a digital risk assessment

  • Security risks identified
  • An organised body of evidence available to regulatory bodies
  • Rail sector knowledge that focuses on areas of highest risk
Digital risk assessment: Aventra

Digital risk assessment: Aventra

In partnership with Roke Manor Research Ltd, a leading UK innovator in cyber security,  Ricardo's experts helped Bombardier’s undertake an in-depth assessment of the Aventra's exposure to cyber threats.

Read more