// identify with email mootrack('identify', 'john@doe.com'); // identify with email and name // commented out as you need to choose one of these calls only //mootrack('identify', 'john@doe.com', 'John Doe'); Rail Cyber Resilience Summit Agenda 2026 | OT Security, ERTMS & NIS2 in Rail
top of page

Agenda

21st October


Rail Cyber Resilience Summit (RCRS)

Securing the Digital Railway: Moving from Reactive Defence to Predictive Resilience, Engineering Cyber Resilience
Across Europe’s Rail Ecosystem

7:55 am

Chairman’s Opening Remarks

Governance, Regulation & Systemic Risk

8:00 am

STANDARDS & CERTIFICATION: ENU/TSI/NIST CONFLICT, FRAGMENTED INTERPRETATION

Opening Presentation: Intro on Railway Digitalisation, Expected Benefits for the Stakeholders, Key Enabling Technologies and Future Regulations

Daniele Bozzolo, Chair, International Standardization Body IEC

8:25 am

Strategic Morning Panel Discussion: Making the Leap Forward from Framework to Frontline: How to Operationalise NIS2, Least Privilege and Risk Policy at Enterprise Scale

This session delivers a practical playbook for translating security frameworks into operational reality, showing how rail organisations can move faster from vision and policy into deployed, measurable controls without stalling delivery or inflating cost.

Vish Kalsapura, Principal Engineer, Network Rail

Tonu Tammer, Chief Information Officer, AS Eesti Raudtee

Přemysl Šrámek, Cyber security auditor, Správa železnic

9:10 am

Lightning Talk: OT Security in Practice: Implementing NIS 2 and CRA throughout the OT lifecycle

Presenting examples, this talk will demonstrate how risk analyses, security requirements engineering, system architecture design, hardening, test automation, monitoring and vulnerability management are interlinked. The presentation will show how a structured approach based on IEC 62443 covers both regulations and where NIS 2 and the CRA go beyond existing standards.

Martin Koop, Head of Railway Security, INCYDE GmbH

Read More

9:30 am

Morning Coffee Connections – Sponsored by INCYDE GmbH

30 Minutes to connect with fellow attendees

10:00 am

Panel Discussion: Engineering CRA-Compliant Rail Products, Defining Ownership, Requirements and Lifecycle Responsibility Across the Supply Chain

A practical, commercial and technical playbook for translating Cyber Resilience Act (CRA) requirements into deployable, sellable and future-proof rail products. Learn how operators, manufacturers and integrators can define ownership, close compliance gaps, and embed requirements into procurement and lifecycle delivery to ensure product compliance beyond 2027.

Eddy Thesee, Vice President Digital & Cybersecurity, Alstom

Amelia Alder, Legal Counsel Cybersecurity, Knorr-Bremse

Martin Koop, Head of Railway Security, INCYDE GmbH

10:40 am

Implementing IEC 63452: The New Railway Cybersecurity Standard, Why it Exist, How it Aligns With the Wider Regulatory Landscape and What It Means for Operators

Vish Kalsapura, Principal Engineer, Network Rail

Read More

11:10 am

Keynote Presentation: The Secure Train – Cyber Solutions Deployed Today

Alex Cowan, CEO & Founder, Razorsecure

11:40 am

Securing the Future of ERTMS: Designing Resilient, Interoperable and Cyber-Safe Systems, Engineering Security into Europe’s Future Signalling System

This session delivers a strategic resilience and security framework for implementing ERTMS at scale, balancing safety, cyber risk, supply-chain dependency, and long-term lifecycle integrity.

12:00 pm

SPONSORED NETWORKING LUNCH

1 hour to connect with fellow attendees

1:00 pm

Visibility, Detection & Threat Anticipation: Moving from Reactive Defence to Predictive Protection

Ignite Session: Achieving Full OT Asset Visibility: Automating Discovery, scanning and Strengthening Identity Controls to Safeguard Critical Rail Operations

This session delivers a practical overview of DB InfraGO as Europe’s largest rail infrastructure manager and a KRITIS operator (critical infrastructure).

Ulrich Zackor, Head of OT Security, DB InfraGO AG

1:30 pm

Ignite Session: From Threat Awareness to Threat Anticipation: Transitioning to Predictive Cyber Intelligence for Rail

As digital complexity expands the rail attack surface, this session delivers a practical intelligence and analytics framework to help operators detect emerging threats earlier, justify security investment through safety impact, and prevent escalation before disruption occurs.

1:50 pm

Lightning Talk: Solving the Complexity of Identity and Access Management at Scale – Achieving a Single Source of Truth Across People, Machines and IoT in Rail?

This session delivers a practical identity governance framework for managing workforce, machine, and IoT access at rail scale, enabling full visibility, faster containment, and reduced cyber risk

2:10 pm

PEOPLE, CULTURE & SKILLS: HUMAN RISK, AWARENESS GAPS AND MFA RESISTANCE

Spotlight Session: Transforming the Rail Safety Culture: Moving from Compliance to Behavioural Change, Embedding Security as a Core Operational Value

This session delivers a practical cultural and leadership framework for shifting rail from reactive cyber defence to proactive, safety-led security thinking, embedding cyber awareness into everyday operational decisions.

Ola Jankowska, Solution Architect, ProRail

2:30 pm

AFTERNOON COFFEE

30 Minutes to connect with fellow attendees

3:10 pm

BUSINESS CONTINUITY & CRISIS RESPONSE: ENGINEERING CYBER RESILIENCE AT SCALE

Lightning Talk: Designing Disaster Recovery and Continuity Models for Cyber Survival, Preparing for a Ransomware-Ready Future

This session delivers a practical resilience and recovery framework to help rail organisations withstand, contain, and rapidly recover from large-scale cyber disruption, safeguarding safety-critical operations.

3:40 pm

SUPPLY CHAIN RISK & ECOSYSTEM SECURITY: MANAGING RISK BEYOND THE RAILWAY BOUNDARY

Panel Discussion: Securing the Software Supply Chain: Preventing Code Tampering, Reducing Attack Surface, and Protecting Rail Operations: Minimising risk in building new software.

This session delivers a practical framework for securing the full software lifecycle, from code commit to live deployment, tackling the industry’s fastest-growing cyber risk: supply chain compromise.

Ola Jankowska, Solution Architect, ProRail

Eddy Thesee, Vice President Cybersecurity, Alstom

Alex Cowan, CEO & Founder, RazorSecure

4:20 pm

Chairman’s Closing Remarks

4:30 pm

END OF CONFERENCE

bottom of page