5th ENISA-ERA Conference on Cybersecurity in Railways

Back to Events

conference Dec 01 TO 02, 2025 from 9:00am to 2:00pm (Europe/Tallinn)

Registration for this conference is now closed. Thank you for your understanding.

The European Union Agency for Cybersecurity (ENISA) and the European Union Agency for Railways (ERA), with the support of Estonian Railways, are pleased to announce the 5th edition of the Cybersecurity in Railways conference, the annual event dedicated to exploring the latest advancements, best practices, and challenges in the field of cybersecurity in the railway sector. 

The 2025 edition, that will take place in Tallinn, Estonia, on 1-2 December, will bring together cybersecurity professionals, researchers, industry experts, government officials, and practitioners to exchange knowledge, insights, and experiences. 

This event is the continuation of the close collaboration between ERA and ENISA on cybersecurity in the railway domain. 

This year, the location of the conference is moving away from the traditional Lille and Athens to get closer to the implementation of railway cybersecurity projects. The support of Estonian Railways is the first step in supporting the cyber rail community with their local priorities. 

The topics of this joint event, together with the strong support from the European Commission, will cover:

  • Opening with a focus on regional challenges/initiatives
  • Cybersecurity policy updates: NIS2 directive, CRA regulation, European Commission request for TSI updates
  • Capacity building and training for the railway sector
  • Feedback from railway cybersecurity projects: national implementations, sector initiatives 

As every year, the conference will keep on providing networking opportunities, aiming at building a railway cybersecurity community. Speakers and participants will share information on the latest developments and raise awareness among railway stakeholders about cybersecurity risks and mitigations. 

ENISA, ERA and Estonian Railways are looking forward to welcoming you to Tallinn!

Registration

Registration for this conference is now closed. Thank you for your understanding.

We kindly inform you that: 

  • Registration is free of charge and will be handled on a first-come, first-served basis;
  • Capacity is limited, and registration will close once the maximum number of participants has been reached;
  • All registrations will be subject to prior validation;
  • Participants are responsible for own travel costs and accommodation;
  • On-site registration will not be possible;
  • It will not be possible to attend the conference remotely;

For any questions, please contact ENISA-ERA-Conference@enisa.europa.eu.

Conference Presentations

Session 1-1 - EE Infrastructure Minister - Speech on Rail CybSec

Session 2-1 - NCSC-EE - Regional Threat Landscape in Critical Infrastructure

Session 2-2 - Estonian-Railways - Zero Trust Rail

Session 2-3 - FI Transport & Communication - Preparedness and Trust

Session 3-1 - Reusch Law - CRA Practical Insights

Session 3-2 - TMC - Pratical approach to CRA Compliance in Railway Systems

Session 3-3 - CRSG - Applying CRA in rail - Sector wide approach

Session 4-1 - Traficom - Railway Cybersecurity course

Session 4-2 - Infrabel - Cyber Security Training Program

Session 4-3 - CYRUS - Free Solution for Flexible Role-Based Cybersec

Session 5-1 - IEC - PT 63452

Session 5-2 - UITP - Securing connection Safety-critical systems and the cloud

Session 5-3 - Airbus - Innovative Solution for Rail Risk Assessment

Session 6-1 - EPSF - European Strategy Action

Session 6-2 - EBA - CyberSecurity in German NSA

Session 6-3 - Swedish sector - Proactive Collaboration

Session 6-4 - Dutch sector - Cyber Crisis Management

Session 7-1 - Infrabel - A « Railway » CyberSOC

Session 7-2 - ILT - Increasing the pressure for cybersecurity in Dutch rail

Session 7-3 - Codewerk - Cybersecurity for Rolling Stock

Session 7-4 - RNE - From Data Exchange to Digital Tracks

Download conference agenda

Practical information

Related topics

Related content

Cyber hygiene in the health sector illustration with medical staff, hospital, and cybersecurity icons, by ENISA

Cyber Hygiene in the Health Sector

This booklet, developed by ENISA, provides clear and targeted guidance with practical steps that health entities can take to:
-  Safeguard sensitive data
- Minimise exposure to common cyber threats-

Cover page of an ENISA report titled 'Cybersecurity Roles and Skills for NIS2 Essential and Important Entities', featuring a person typing on a laptop with floating digital icons representing cybersecurity roles. The report is dated June 2025 and maps NIS2 obligations to the ECSF.

Cybersecurity roles and skills for NIS2 Essential and Important Entities

 ENISA in line with articles 6 and 10 of the Cybersecurity Act , prepared this guidance document on the skills and roles for the cybersecurity professionals needed to meet these legal requirements effectively.

Cover of the publication titled “NIS 2 Implementation Guidance,” featuring hand icons related to cybersecurity and the NIS 2 logo in the centre, with “June 2025” noted at the bottom.

NIS2 Technical Implementation Guidance

This report provides technical guidance to support the implementation of the NIS2 Directive for several types of entities in the NIS2 digital infrastructure, ICT service management and digital providers sectors.

Publication cover for Handbook for Cyber Stress Tests - Skyline image with different metrics visual

Handbook for Cyber Stress Tests

ENISA developed this handbook as guidance for national or sectorial authorities overseeing cybersecurity and resilience of critical sectors, at the national level, regional or EU level under NIS 2 Directi

BROWSE ALL PUBLICATIONS

7th E.DSO/EE-ISAC/ENCS/ENISA Cybersecurity Forum

2024 Oct 1

ENISA Telecom and Digital Infrastructure Security Forum 2025

2025 Mar 20

ENISA Telecom Security Forum 2022

2022 Jun 29

4th ERA-ENISA Conference on Cybersecurity in Railways

2024 Oct 2

BROWSE ALL EVENTS

eHealth security in the spotlight: A good practice guide for a robust and resilient EU health sector

News Item

Unveiled on the sidelines of the 10th edition of the eHealth Security conference, the European Union Agency for Cybersecurity (ENISA) publishes a good practice guide to support entities of the health sector in strengthening their digital security.

Supporting NIS2 implementation through actionable guidance

Press Release

The EU Agency for Cybersecurity (ENISA) publishes a technical guideline for the security measures of the NIS2 Implementing Regulation to assist digital infrastructures and managed service providers.

Putting EU resilience to the test: ENISA handbook on cyber stress testing

News Item

The Handbook for Cyber Stress Testing aims to support national authorities in assessing the cybersecurity and resilience of critical sector entities.

From Cyber to Outer Space: A Guide to Securing Commercial Satellite Operations

Press Release

The European Union Agency for Cybersecurity (ENISA) explores the cybersecurity threat landscape of space to strengthen the resilience of commercial satellites.

BROWSE ALL NEWS