Cybersecurity in practice: sharing experiences with professionals

The lecture started with the basic theory of cybersecurity. It is important to remember that cybersecurity is not only about technology, but also about people and processes. Security measures must be integrated into all aspects of the business, from product design and development, to internal operations, to employee training.

When it comes to protecting data, we have three basic practices for protecting it. Backup, encryption and access restriction. In terms of network security, there are firewalls, VPNs, and of course encrypted and protected Wi-Fi (separate networks for visitors and employees). Of course there are also antivirus software. Regular system updates and password management.

The forthcoming European Commission directive NIS2 was also presented. This directive aims to enhance the cyber security of critical services in the EU such as energy, transport, banking and healthcare. The NIS2 Directive introduces a number of new requirements and penalties for organisations that fail to comply with security standards. It is important that companies familiarise themselves with this directive and adapt their practices to it.

Finally, we looked at practical examples from our company on how we provide cyber security in terms of processes, and HW and SW equipment. At Railsformers, we believe that technology is a key tool in protecting our systems from cyber threats. We use the latest tools and technologies to detect and prevent cyber attacks, such as advanced threat detection and access control. At the same time, we are not only focused on technology, but also on educating our employees and creating a culture of cybersecurity.

This talk was a great opportunity to share our practices and experiences with other cybersecurity professionals. We hope that we all gained new insights and inspiration for further work in this ever-evolving field.