ERA and ENISA sign MoU on Railway Cybersecurity

The European Union Agency for Railways (ERA) and the European Union Agency for Cybersecurity (ENISA) have formalised their cooperation on cybersecurity in the railway sector through a Memorandum of Understanding signed in October 2023 and announced during the 3rd ERA-ENISA Conference on Cybersecurity in Railways, held in Athens, Greece. 

As Europe’s railways undergo rapid digital transformation, the MoU strengthens joint efforts to enhance cybersecurity resilience and support the sector’s growing needs. The agreement sets shared objectives such as developing evidence-based cybersecurity policy for railways, supporting the implementation of EU legislation including the NIS2 Directive, and analysing the relevance of EU cybersecurity certification schemes for railway systems. 

ENISA will advise ERA on integrating cybersecurity considerations into safety and interoperability frameworks, while ERA will contribute rail expertise to ENISA’s assessments, capacity-building actions and monitoring of the cyber threat landscape. The cooperation also foresees joint events, skills development initiatives, regular information exchange and coordinated work on emerging challenges. 

By combining their mandates and expertise, ERA and ENISA aim to ensure that Europe’s rail system remains safe, interoperable and cyber-resilient in an evolving threat environment.