Yet, IPT operators and municipalities are only gradually coming to terms with the consequences of cyber threats. Current limitations include the lack of corporate governance for IPT security and associated investments; difficulties to integrate security for safety systems as cyber security for IPT remains unclear; as well as the lack of a common EU approach to intelligent public transport security.

• Through two studies, ENISA raises awareness and provides practical solutions to enhance cyber security. For that purpose, ENISA proposes several key recommendations:
• The European Commission and Member States should foster knowledge exchange and collaboration in cyber security among industry, Member States and municipalities
• IPT operators should integrate cyber security in their corporate governance
• IPT Operators should develop a clear definition of their security requirements
• Manufacturers and solution providers should create products/solutions that match the cyber security requirements of IPT end-users

Prof. Udo Helmbrecht, Executive Director of ENISA, commented: ‚Smart infrastructure and smart devices are no longer a thing of the future, they are currently being rolled out across the EU. ENISA sees the security of such infrastructure as being a key success factor. Ensuring adequate protection of citizens will remove barriers to implementation and help promote economic growth through innovation‘

As smart cities keep growing in significance, ENISA responds by developing two guidelines that highlight good practices

1) to protect the critical assets of an IPT system and

2) to secure data exchanges between an IPT operator and other stakeholders in Connected and Smart Cities.

For full report:

Security and Resilience of Intelligent transportation systems
Cyber security for Smart Cities: An architecture model for public transport