Cybersecurity Risk in Digitalization of Infrastructure Systems: A Use Case

The increasing number and effectiveness of cyber-attacks and data breaches adversely affect infrastructure systems by exploiting their vulnerabilities. Cyber-attacks on critical infrastructure sometimes undermine safe operations or cause complete shutdowns. Therefore, identifying and evaluating the actual status of infrastructure system processes for critical assets in advance requires analyzing the actual cybersecurity status to protect them from potential cyber-attacks and data breaches. So far, the information deficit about cybersecurity awareness in the infrastructure systems sector exists. International studies are more broadly designed, but not directly focused on gaining detailed knowledge about cybersecurity defense's status quo in the infrastructure system sector. Therefore, strategic steps are required to secure the infrastructure systems against cyber-attacks and vulnerabilities. This includes developing and implementing procedures to improve cyber-attack detection and eliminate system vulnerabilities. In this regard, a maturity level model as a specific analysis method of the actual cybersecurity status of the infrastructure system is introduced to gain knowledge about how to achieve the desired to-be-cybersecurity status against the actual status, as a best practice example is provided for a rail system. This paper describes the cybersecurity risk of digitization in the railway sector as a use case.