-
INTERNATIONAL UNION OF RAILWAYS (UIC) DIGITAL TECHNOLOGY AND
RAILWAY SECURITY WORKSHOP MAY 5, 2016 ANAND CHAUBEY VIA RAIL
CANADA
-
AGENDA
• Background on VIA Rail Canada • VIA RAIL - Digital • Trends,
Threats & Disruptions • Digital and Cybersecurity
-
VIA RAIL INTRODUCTION VIA Rail operates Canada’s national
passenger rail service on behalf of the Government of Canada. An
independent Crown corporation established in 1977, VIA Rail
provides safe, cost-effective and environmentally responsible
service from coast to coast in both official languages. The
corporation operates close to 475 train departures weekly on a 12,
500 km network, connecting over 400 Canadian communities.
-
VIA RAIL – BY THE NUMBERS
-
“DIGITAL AT VIA RAIL” Short term: VIA Rail wishes to offer its
customer the best customer experience across the travelers’ journey
Future: VIA Rail wishes to offer its customer a personalized
customer experience with relevant information, products and
services in real time. The final view would be to offer a door to
door experience for the customer ensuring travel solutions not only
from station to station but origin to final destination,
-
a “Digital at VIA – Customer View
https://reservia.viarail.ca/
-
a “Digital at VIA – Internal View
Used by approx. 1000 employees in day to day operations
Company Wide Intranet
To be used by approx 450 employees (Q2 2016)
-
TRENDS, THREATS & DISRUPTION (TTD)
• Mobile/Watches/Wearables • Mobile Mind Shift • Rapid
Prototyping/MVP • Organization Structure & Debt • Internet of
Things (IOT)
-
TTD#1 Focus is on Mobile, Wearables, new devices Mobile is
typically the quickest way to access web content. Furthermore, in
travel industry one of the key devices to access information and
interact with passengers Forrester Research1 forecasts that US
mobile commerce in travel and food services will hit $54 billion in
2016 and $75 billion by 2018. 1: http://www.forrester.com/
-
TTD #2 Mobile Mind Shift The mobile mind shift is the
expectation that I can get what I want in my immediate context and
moments of need. Your customers and employees are making this
shift, now. This shift means the battle for your customer's
attention will be waged in mobile moments — anytime that customer
pulls out a mobile device1
The new realities: 1. People are no longer sitting in one place
2. People are generally unhappy of web site linear processes 3.
People expect mobile apps to anticipate their needs and serve them
immediately
1:
https://www.forrester.com/The+Mobile+eBusiness+Playbook+For+2015/-/E-PLA123
-
TTD #3 Rapid Prototyping/MVP 1. Development of Minimum Viable
Product (MVP) vs the entire solution1 2. Turn uncertainty into
opportunity 3. MVP typically has the highest return on investment
vs the risk involved
1: http://theleanstartup.com/principles
-
TTD #4 Organizational Structure & Debt 1.
Maintainability/Integration of obsolete systems 2. Linking business
and IT and other external partners 3. Resources and resource
availability
-
TTD #5 Internet of Things (IOT) • Network of physical objects –
embedded with
electronics/sensors/software/connectivity in order to exchange
information and data
• VIA is still in the beginning stages of IOT development •
Collection of locomotive telemetry data – Fuel savings
and employee performance management • Collection and process of
train location data– used for
train operations group on a daily basis as well as for
publishing information for customers
-
DIGITAL AND CYBERSECURITY In the context of Digital items that
are for consideration when cybersecurity is discussed:
-
DIGITAL AND CYBERSECURITY CONCERNS & OPPORTUNITIES
• Identify and Access Management (IAM) • Risk Management &
Compliance
• Data & Privacy Laws • PCI Compliance/Fraud • Canadian Anti
Spam Law (CASL)
• Incident Management & Response
-
OPPORTUNITY #1 Identity and Access Management The Identity of
Things (IDoT) is a new extension to identity management that
encompasses all entity identities, whatever form those entities
take. These identities are then used to define relationships among
the entities — between a device and a human, a device and another
device, a device and an application/service, or (as in traditional
IAM) a human and an application/service1.
1 The Identity of Things for the Internet of Things Gartner
G00270277
-
OPPORTUNITY #1 Identity and Access Management
Source: The Identity of Things for the Internet of Things
Gartner G00270277
-
OPPORTUNITY #2 Risk Management & Compliance 1. Digital
business presents increasing complexity and new threats, and it
demands a change in
approaches to IT risk and cybersecurity.
2. Traditional defenses such as antivirus and network firewalls
have failed to stop the continuous stream of breaches. Regulations
and compliance standards are not materially reducing losses.
3. Security, privacy, continuity, safety, control,
confidentiality and ethics issues are being discussed with
increasing urgency at the management and board levels.
4. Principles for consideration: • Stop focusing on check box
compliance, and shift to risk-based decision making. • Stop solely
protecting infrastructure, and begin supporting business outcomes.
• Stop being a defender, and become a facilitator. • Stop trying to
control information; instead, determine how it flows. • Accept the
limits of technology, and become people-centric. • Stop focusing
efforts solely on prevention, and balance investments across
protection,
detection and response.
Source: Gartner G00280963: Use Six Principles of Resilience to
Address Digital Business Risk and Security
-
OPPORTUNITY #3 Incident Management & Response Technology
will continue to bring it’s challenges in terms of security.
Elements of a required security/risk management program • Secure
Systems Development/Third party management • Security Architecture
– Cloud Management protocols • Compliance • Risk Management
Governance • Security Incident Management • Social Monitoring •
Proactive Monitoring • Data/Asset Identification • Awareness and
Training
-
WRAP UP - HIGHLIGHTS 1. Key Trends are here today – IOT, Mobile
are areas of
development that as an organization you will need to “play in” –
VIA has started to play in these areas
2. MVP Philosophy • Companies don’t need to be startups to work
in an
entrepreneurship mode. • Fail – Fail fast! – learn and move
forward • Culture change
3. Incident Management
1. Remains an important item within the context of a Digital
Strategy
2. Needs to evolve as technology evolves
-
Diapositive numéro 1Diapositive numéro 2Diapositive numéro
3Diapositive numéro 4Diapositive numéro 5Diapositive numéro
6Diapositive numéro 7Diapositive numéro 8Diapositive numéro
9Diapositive numéro 10Diapositive numéro 11Diapositive numéro
12Diapositive numéro 13Diapositive numéro 14Diapositive numéro
15Diapositive numéro 16Diapositive numéro 17Diapositive numéro
18Diapositive numéro 19Diapositive numéro 20Diapositive numéro
21
