Transport cybersecurity links
The International Civil Aviation Organization (ICAO): https://www.icao.int
ICAO, Aviation Cybersecurity Strategy: https://www.icao.int/cybersecurity/Documents/AVIATION%20CYBERSECURITY%20STRATEGY.EN.pdf
The International Air Transport Association (IATA) : https://www.iata.org
IATA, Compilation of Cyber Security Regulations, Standards, and Guidance Applicable to Civil Aviation: https://www.iata.org/contentassets/4c51b00fb25e4b60b38376a4935e278b/compilation_of_cyber_regulations_standards_and_guidance_apr21_2.0.pdf
Aviation Cyber Security (virtual classroom): https://www.iata.org/en/training/courses/aviation-cyber-security-virtual/tscs59/en/
The European Union Aviation Safety Agency (EASA): https://www.easa.europa.eu/home
Cybersecurity Overview, European Union Aviation Safety Agency (EASA): https://www.easa.europa.eu/domains/cyber-security/overview
The European Strategic Cooperation Platform (ESCP): https://www.easa.europa.eu/community/content/european-strategic-coordination-platform-escp
European Centre for Cybersecurity in Aviation: https://www.easa.europa.eu/community/content/european-centre-cybersecurity-aviation-eccsa
Network of Cybersecurity Analysts (NoCA): https://www.easa.europa.eu/community/content/network-cybersecurity-analysts-noca
The International Maritime Organization (IMO): https://www.imo.org
IMO, GUIDELINES ON MARITIME CYBER RISK MANAGEMENT: https://www.imo.org/en/OurWork/Security/Pages/Cyber-security.aspx
Produced and supported by BIMCO, Chamber of Shipping of America, Digital Containership Association, International Association of Dry Cargo Shipowners (INTERCARGO), InterManager, International Association of Independent Tanker Owners (INTERTANKO), International Chamber of Shipping (ICS), International Union of Marine Insurance (IUMI), Oil Companies International Marine Forum (OCIMF), Superyacht Builders Association (Sybass) and World Shipping Council (WSC) - THE GUIDELINES ON CYBER SECURITY ONBOARD SHIPS: https://wwwcdn.imo.org/localresources/en/OurWork/Security/Documents/ANNEX%20Guidelines%20on%20Cyber%20Security%20Onboard%20Ships%20v.4.pdf
Atlantic Council - Cybersecurity: https://www.atlanticcouncil.org/issue/cybersecurity
German flag - MARITIME CYBER SECURITY: https://www.deutsche-flagge.de/en/safety-and-security/ism/maritime-security
US Maritime Administration: https://www.maritime.dot.gov
US Maritime Administration, Office of Maritime Security: https://www.maritime.dot.gov/ports/office-security/office-maritime-security
Atlantic Council - Introduction: Cooperation on maritime cybersecurity: https://www.atlanticcouncil.org/in-depth-research-reports/report/cooperation-on-maritime-cybersecurity-introduction
ASIA MARITIME TRANSPARENCY INITIATIVE: https://amti.csis.org
UK Department of Transport, Code of Practice, Cyber Security for Ships: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/642598/cyber-security-code-of-practice-for-ships.pdf
The Association of American Railroads (AAR), founded in 1934, is the world’s leading railroad policy, research, standard setting, and technology organization that focuses on the safety and productivity of the U.S. freight rail industry: https://www.aar.org/
AAR, Physical and Cybersecurity - Protecting the Nation’s Freight Rail Network: https://www.aar.org/article/freight-rail-physical-cybersecurity
NOKIA, Cyber security for railways - Secure your railway infrastructure: https://www.nokia.com/networks/solutions/cyber-security-for-railways/
ENISA, Railway Cybersecurity: https://www.enisa.europa.eu/publications/railway-cybersecurity
ENISA, Railway Cybersecurity - Good Practices in Cyber Risk Management: https://www.enisa.europa.eu/publications/railway-cybersecurity-good-practices-in-cyber-risk-management
International Society of Automation (ISA) - Understanding Railway Cybersecurity: https://gca.isa.org/blog/understanding-railway-cybersecurity
UK Department for Transport - Rail Cyber Security, Guidance to Industry: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/897091/rail-cyber-security-guidance-to-industry-document.pdf
Our websites
a. Sectors and Industries.
2. Social Engineering Training
12. Transport Cybersecurity Toolkit
14. Sanctions Risk
15. Travel Security
b. Understanding Cybersecurity.
4. What is Synthetic Identity Fraud?
c. Understanding Cybersecurity in the European Union.
2. The European Cyber Resilience Act
3. The Digital Operational Resilience Act (DORA)
4. The Critical Entities Resilience Directive (CER)
5. The Digital Services Act (DSA)
6. The Digital Markets Act (DMA)
7. The European Health Data Space (EHDS)
10. The European Data Governance Act (DGA)
11. The EU Cyber Solidarity Act
12. The Artificial Intelligence Act
13. The Artificial Intelligence Liability Directive
14. The Framework for Artificial Intelligence Cybersecurity Practices (FAICP)
15. The European ePrivacy Regulation
16. The European Digital Identity Regulation
17. The European Cyber Defence Policy
18. The Strategic Compass of the European Union
19. The EU Cyber Diplomacy Toolbox
The exchange of information between the private and the public sector
Cyber Risk GmbH supports the national strategy for the protection of Switzerland against cyber risks (NCS), and promotes the exchange of information between the public and the private sector.
We often read that the public sector must learn from the private sector. We strongly believe that the opposite is more important. The private sector must learn from the public sector:
1. Switzerland, NDB. The Federal Intelligence Service (Nachrichtendienst des Bundes) works for the prevention of terrorism, violent extremism, espionage, proliferation of weapons of mass destruction and their delivery system technology, as well as cyberattacks against the critical infrastructure.
https://www.vbs.admin.ch/de/vbs/organisation/verwaltungseinheiten/nachrichtendienst.html
2. Switzerland, NCSC. The National Cybersecurity Centre (Nationale Zentrum für Cybersicherheit) is the Swiss Confederation's competence centre for cybersecurity and thus the first contact point for businesses, public administrations, educational institutions and the general public. It is responsible for the coordinated implementation of the national strategy for the protection of Switzerland against cyber-risks (NCS).
3. Switzerland, Cybercrimepolice.ch. The Zurich Cantonal Police (Kantonspolizei Zürich) operates www.cybercrimepolice.ch
https://www.cybercrimepolice.ch
4. Switzerland, SKP. The Swiss Crime Prevention (Schweizerische Kriminalprävention) is an agency specializing in the prevention of crime and the fear of crime.
5. Switzerland, GovCERT. The Computer Emergency Response Team of the Swiss government, the official national CERT of Switzerland.
6. Germany, BfV - The domestic intelligence service of the Federal Republic of Germany (Bundesamt für Verfassungsschutz). The Office for the Protection of the Constitution ensures that the free democratic basic order is secured at federal level and in the 16 federal states.
https://www.verfassungsschutz.de
7. Germany, BND - The foreign intelligence service of the Federal Republic of Germany (Bundesnachrichtendienst). The BND works for the acquisition and processing of information, to inform the federal government on developments important for foreign and security policy.
8. Germany - BAMAD. The military counter-intelligence service (Bundesamt für den Militärischen Abschirmdienst) is one of the three German intelligence services at federal level, and works for the protection of the constitution. The Military Counterintelligence Service Report is highly recommended (https://www.bundeswehr.de/resource/blob/5361404/4fa2a6e88f8fc77863022395942e6241/mad-report-2020-data.pdf).
9. Canada - CSIS. The Canadian Security Intelligence Service investigates activities suspected of constituting threats to the security of Canada, and reports to the Government of Canada. They take measures to reduce threats to the security of Canada.
https://www.canada.ca/en/security-intelligence-service.html
10. UK - MI5. For more than a century, MI5 protects the UK from a range of threats, whether it be from terrorism or hostile activity by states.
11. UK - MI6. They have three core aims: stopping terrorism, disrupting the activity of hostile states, and giving the UK a cyber advantage.
12. UK - GCHQ. With priorities set by the UK’s National Security Strategy and the decisions of the National Security Council, chaired by the Prime Minister, as well as the Joint Intelligence Committee.
13. UK - NCA. The National Crime Agency houses the UK’s International Crime Bureaux including INTERPOL and EUROPOL. They manage the routine exchange of police and law enforcement information through these channels and provide access to international databases and capabilities.
https://www.nationalcrimeagency.gov.uk
14. US - ODNI. The Office of the Director of National Intelligence serves as the head of the U.S. Intelligence Community, overseeing and directing the implementation of the National Intelligence Program and acting as the principal advisor to the President, the National Security Council, and the Homeland Security Council for intelligence matters related to national security.
15. US - CIA. The Central Intelligence Agency provides intelligence on foreign countries and global issues to the president, the National Security Council, and other policymakers to help them make national security decisions.
16. US - NSA. The National Security Agency leads the U.S. Government in cryptology that encompasses both signals intelligence (SIGINT) insights and cybersecurity products and services.
17. US - FBI. The Federal Bureau of Investigation protect the U.S. from terrorist attacks, against foreign intelligence, espionage, and cyber operations. FBI combats significant cyber criminal activity.
18. Australia, ASIO. The Australian Security Intelligence Organisation protects Australia and its people from acts of foreign interference, attacks on Australia’s defence systems, espionage, politically motivated violence including terrorism, promotion of communal violence, sabotage, and serious threats to Australia’s border integrity.
19. Australia, ONI. The Office of National Intelligence, following the passage of the Office of National Intelligence Act (2018), came into being on 20 December 2018. Represents a key component in the formation of Australia’s new National Intelligence Community (NIC), and is responsible for enterprise level management of the NIC, ensuring a single point of accountability to the Prime Minister and National Security Committee of Cabinet.
20. Australia, ASIS. The Australian Secret Intelligence Service is Australia's foreign intelligence collection agency. They collect and distribute secret foreign intelligence, information which would be otherwise unavailable to Australia, to protect Australia and its interests.