Situation:
A major rail operator in the state of Victoria, Australia, sought to strengthen the resilience of its Operational Control Systems (OCS) and Train Control Systems (TCS).
This client approached NCC Group with concerns about the number of cyber attacks on global railways doubling annually. They also wanted to know more about how hackers were increasingly compromising both IT and operational technology (OT).
Protecting critical rail infrastructure by strengthening their cyber resilience was determined as the core of the operator’s need.
To address this objective, NCC Group led the security consulting project in partnership with the global engineering and sustainability consultancy, Ricardo, for their localized rail network engineering input. Together, the two groups were tasked with assessing the client’s current operational network environment and developing a practical, achievable roadmap to strengthen their cyber security processes.
At a glance:
Organization: A major Australian rail operator
Industry/Sector: Rail Transport
Situation: Client required strengthened cyber resilience across critical operational networks.
Challenges: Legacy systems, complex data flows and stakeholder networks, and safety critical operations limited flexibility.
Solution: NCC Group delivered assessments, segmentation recommendations, and secure architectural guidance.
Results: Improved cyber resilience by implementing a clear, practical, and achievable roadmap and enhanced protection of the client’s essential rail infrastructure to ensure commuters stay on the move.
Challenge
Before this engagement, the client operated highly interconnected legacy OCS/TCS networks with limited segmentation and complex data flows. This created several key risks:
- Boundary limitations across operational networks that restrict safe isolation and compartmentalization.
- Increased exposure to vulnerabilities due to expanding interfaces with train systems, signaling equipment, and external providers.
- Safety critical operations that could not be disrupted under any circumstances, requiring all assessment and redesign work to be carried out without operational impact.
- Complex stakeholder coordination, as the project involved multiple internal teams and external partners, all of whom worked with sensitive information.
This client needed a secure, scalable cyber security overhaul that preserved operational continuity while enhancing data confidentiality, integrity, and availability.
Solution
NCC Group led a structured cyber resilience uplift program, incorporating technical assessments, architectural design, and risk-based recommendations aligned to their extensive rail sector experience and best practice knowledge.
Holistic network assessment
Working with Ricardo’s engineering specialists, NCC Group:
- Performed a detailed evaluation of the existing OCS/TCS network architecture.
- Identified system boundaries, trust zones, data flows, and interdependencies.
- Mapped vulnerabilities and configuration risks across operational assets.
Identity, segmentation, and security controls design
Based on the assessment, the cyber security group’s rail security team then produced:
- Clear recommendations for a modern segmentation approach suitable for operational environments.
- Security control enhancements to strengthen identity, authentication, monitoring, and access pathways.
- A functional specification enabling the rail client to proceed with implementation without operational disruption.
Complex stakeholder and data coordination
Given the number of stakeholders and the sensitivity of the data, NCC Group:
- Established secure channels for information sharing.
- Ran structured workshops to ensure alignment across engineering, operations, IT, and third parties/suppliers.
- Ensured cyber resilience planning respected safety critical constraints at all times.
Cyber resilience delivery
The engagement culminated in a detailed recommendation report and functional specification, providing the client with:
- A clear, practical roadmap for staged implementation.
- Guidance enabling greater cyber resilience without interrupting train services.
- A defensible architecture aligned to rail sector regulatory expectations.
Results
With Ricardo's support, NCC Group left the rail operator with:
- Significant improvements to operational network security posture, informed by targeted, risk and cyber threat intelligence-based recommendations.
- A blueprint for progressive implementation to allow controlled uplift of the OCS/TCS environment.
- Enhanced network resilience, reducing exposure to vulnerabilities across critical rail systems.
- Strengthened identity, confidentiality, integrity, and availability of operational data flows.
“By combining NCC Group’s 20+ years supporting the rail sector with our cyber expertise with Ricardo’s rail engineering capabilities, our client successfully implemented the cyber resilience strategy we’d all built together.
“As a result, our client now manages their cyber risks swiftly and effectively, protecting critical rail infrastructure while maintaining uninterrupted operational performance for the commuters across the Australian State of Victoria.”
Gary Cannon | NCC Group Global Transport Practice Leader
NCC Group is a people-powered, tech-enabled global cyber security and resilience company with over 2000 colleagues around the world.
For over 25 years, we’ve been trusted by the world’s leading companies and Governments to manage and deliver cyber resilience. We're proud to deliver important and groundbreaking projects for our clients.
As technology and cyber threats continue to evolve, we remain relentlessly committed to our mission: working together to create a more secure digital future.
We keep your cyber resilience on track.
Our experts are ready to help you stay ahead in a constantly changing threat landscape. Contact us today to learn more about our work in the transport sector and discuss your business's unique challenges.