Image
Product Cybersecurity at Wabtec
Operator efforts to secure critical infrastructure rely on supply chain security. Through selecting products developed in compliance with IEC 62443-4-1, customers are equipped with solutions that meet their required security levels and effectively address core functions of the NIST CSF.
Our Commitment
At Wabtec, we support customer efforts to efficiently reduce their cybersecurity risk by using secure development practices throughout the product lifecycle. Spearheaded by our Chief Product Security Officer, Wabtec’s product cybersecurity team is on a mission to enable product development that supports the resilience of the vital industries we serve.
Product Cybersecurity
Our Approach
Wabtec’s integrated approach to product cybersecurity begins with engineering-focused training and awareness programs.
IEC 62443-4-1 Certified
Wabtec’s IEC 62443-4-1 certified product cybersecurity program provides well-defined benchmarks throughout the development lifecycle. This standards-driven approach enables a common cybersecurity baseline for Wabtec products.
Resilience
Our product cybersecurity team plays a critical role in supporting customer resilience to the cybersecurity landscape. Wabtec product cybersecurity identifies and prioritizes security risks, conducts compliance assessments for product release readiness, and maintains vigilance against evolving threats. Our Product Security Incident Response Team manages incident response, responsible vulnerability reporting, triage, and disclosure. Our efforts include ongoing vulnerability watch, security process status reporting, and comprehensive software integrity assessments, enabling resilience for mission critical freight rail, transit, mining, industrial and marine operators.
Vulnerability Management
Learn more about product cybersecurity vulnerability management:
Collaboration
Wabtec collaborates in industry efforts that bolster resilience in critical infrastructure. Wabtec actively participates in industry and standards groups like CENELEC (TS 5701), IEC TC9/PT 63452, and UNIFE, to support cybersecurity in digital rail innovation. We seek opportunities for ongoing engagements with customers to bolster security and resilience in the industries we serve. As industry standards and customer needs change, this external engagement allows Wabtec’s product cybersecurity to evolve with industry.
