Product Cybersecurity at Wabtec

Operator efforts to secure critical infrastructure rely on supply chain security. Through selecting products developed in compliance with IEC 62443-4-1, customers are equipped with solutions that meet their required security levels and effectively address core functions of the NIST CSF.

Our Commitment

At Wabtec, we support customer efforts to efficiently reduce their cybersecurity risk by using secure development practices throughout the product lifecycle. Spearheaded by our Chief Product Security Officer, Wabtec’s product cybersecurity team is on a mission to enable product development that supports the resilience of the vital industries we serve.

Product Cybersecurity

Our Approach

Wabtec’s integrated approach to product cybersecurity begins with engineering-focused training and awareness programs.

Product Cybersecurity │ Wabtec Corporation
IEC 62443-4-1 Certified

Wabtec’s IEC 62443-4-1 certified product cybersecurity program provides well-defined benchmarks throughout the development lifecycle. This standards-driven approach enables a common cybersecurity baseline for Wabtec products.

Product Cybersecurity │ Wabtec Corporation
Resilience

Our product cybersecurity team plays a critical role in supporting customer resilience to the cybersecurity landscape. Wabtec product cybersecurity identifies and prioritizes security risks, conducts compliance assessments for product release readiness, and maintains vigilance against evolving threats. Our Product Security Incident Response Team manages incident response, responsible vulnerability reporting, triage, and disclosure. Our efforts include ongoing vulnerability watch, security process status reporting, and comprehensive software integrity assessments, enabling resilience for mission critical freight rail, transit, mining, industrial and marine operators.

Image
Product Cybersecurity │ Wabtec Corporation
Vulnerability Management

Learn more about product cybersecurity vulnerability management:

Collaboration

Wabtec collaborates in industry efforts that bolster resilience in critical infrastructure. Wabtec actively participates in industry and standards groups like CENELEC (TS 5701), IEC TC9/PT 63452, and UNIFE, to support cybersecurity in digital rail innovation. We seek opportunities for ongoing engagements with customers to bolster security and resilience in the industries we serve. As industry standards and customer needs change, this external engagement allows Wabtec’s product cybersecurity to evolve with industry.

Product Cybersecurity │ Wabtec Corporation
Product Cybersecurity │ Wabtec Corporation
Product Cybersecurity │ Wabtec Corporation