On May 2, 2024, Enide was proud to participate in the second edition of the Transport Cybersecurity Conference in Brussels, Belgium. Organized by DG MOVE and DG CNECT, in collaboration with key EU transport and cybersecurity agencies, this conference has quickly become a cornerstone event for professionals across the transport sector.
Conference Overview
Following the successful first conference in Lisbon in 2019, this year’s event continued to address critical issues facing the transport industry. Magda Kopczyńska, Director-General for Mobility and Transport at the European Commission, opened the conference emphasizing the significance of cybersecurity in the upcoming European elections and its impact on the Commission’s future priorities.
Key Sessions and Takeaways
The conference was structured around four insightful panels:
Threat Landscape: Discussions led by experts like Juhan Lepassaar from ENISA focused on the evolving cyber threats facing the transport sector. The resilience of critical infrastructure and the importance of effective incident response plans were highlighted as key strategies against these threats.
Regulatory Framework: The overview of the EU cybersecurity regulatory framework by Raluca Stefanuc and others emphasized the importance of understanding and implementing existing regulations like the NIS 2 Directive and the Cyber Resilience Act. The discussions also covered the necessity for a cybersecurity framework tailored specifically for the transport sector.
Cybersecurity in Design: Talks by industry leaders from Airbus and EUROSTAR among others shed light on incorporating cybersecurity by design, stressing the significance of securing supply chains and embracing emerging technologies to safeguard against vulnerabilities.
Stakeholder Involvement: The final panel underscored the importance of fostering cooperation among various stakeholders to enhance the cybersecurity landscape. Insights from TSA and other international speakers emphasized the value of information-sharing and collaborative approaches.
Enide's Perspective
Enide’s takeaway from the conference is multifaceted. Our team was particularly impressed by the discussions on the need for an operational technology (OT) vulnerability patching program and the critical role of training managers to handle cybersecurity threats effectively. The concept of stress-testing systems through red team exercises and the unanimous agreement on the sufficiency of existing regulations like NIS 2 were also significant highlights.
Moreover, the conference solidified our understanding that cybersecurity is not just a legal compliance issue but a crucial element of protection for the transport sector, which remains one of the most targeted by cyber attacks.
As we move forward, Enide remains committed to applying these insights into our daily operations and strategic planning. The conference has not only provided us with a clearer understanding of the current cyber threat landscape but also reinforced the need for continuous education, system resilience, and proactive leadership in cybersecurity within the transport sector.