Critical Infrastructure Security , Governance & Risk Management , Legacy Infrastructure Security

Digitizing and Securing Norway's Railway Network

CISO Tom Remberg of Bane NOR on Managing Threats to Critical Infrastructure
Tom Remberg, CISO, Bane NOR

Norway's railway network, Bane NOR, is undergoing a nationwide digitization process. Its CISO, Tom Remberg, describes what the task of replacing legacy technology with digital train control and traffic management systems entails and how his role as CISO is critical to making that transformation happen.

See Also: OnDemand Panel | Strengthening OT Security with HCLTech and Microsoft

For mission-critical systems undergoing a digitization program as extensive as this, Remberg stresses the need for "different layers of protection" and "high-availability elements," so if one of the elements, such as a server, fails, the service is still available. He says that in order to avoid adverse business impacts in case of an outage, everything must be duplicated and it must be possible to "take one part of the infrastructure down, maintain and upgrade it, while the other one is running."

In a video interview with Information Security Media Group, Remberg discusses:

  • Threats to critical infrastructure and how to protect against them;
  • Maintaining patch management policy while ensuring business continuity;
  • Moving from an antiquated legacy system to a framework that is "secure by design."

Remberg is chief information security officer for Bane NOR, a state-owned company responsible for the Norwegian national railway infrastructure. He was previously group CISO at Intertek, vice president and head of security governance at Telenor Group and a director with PwC, specializing in strategic information security Management. He has managed several complex projects to implement and improve companies' information security management systems.

About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.