• Information security is a top priority in the transport and traffic sector

We are happy to help

P +41 58 911 11 11 [email protected] Contact Customer Service
Leitstelle

Information security is a top priority in the transport and traffic sector

The digitisation and networking of public transport bring numerous opportunities, but they also entail considerable risks. Cyber attacks on infrastructure are steadily increasing – this poses major challenges for us as a company and for our customers in the transport companies.

How does ebblo counter these threats? What measures do we take to ensure information security in the long term? We have defined appropriate measures and developed a security strategy. This enables us to achieve continuous improvement.

Current situation

The threat situation in the area of information security is developing dynamically, and it is a demanding challenge to continuously update the protective measures for all systems. Unfortunately, public transport companies have now also become targets for cybercriminals. According to the Federal Office for Information Security (BSI), there were around 420 million attacks on critical infrastructure between January 2023 and January 2024 alone. In 2024, 25 per cent of reported security incidents affected the transport and traffic sector.

Threat analysis and risk management

At ebblo, the successful implementation of information security measures is based on a clear organisational structure and cooperation between various individuals responsible for security. We have defined clear personnel responsibilities, including for the systematic assessment and classification of threats.

Our specialists analyse current attack trends and adapt security measures accordingly. This continuous monitoring and updating of protective mechanisms is a central component of our risk management.

ISO 27001 – Certification and audit

A central element of ebblo’s information security strategy is the Information Security Management System (ISMS), which is certified according to ISO 27001:2022. Compliance with the standard is regularly checked by external audits. These involve an intensive and detailed examination of the effectiveness and alignment of our ISMS.

Following successful certification in May 2024, our compliance was reconfirmed during the surveillance audit in May 2025. Despite the good rating, we are not letting up in our efforts, as the continuous development of security processes is a key focus for us.

Secure Development Lifecycle and Security Roadmap

ebblo relies on a structured Secure Development Lifecycle (SDL) for the development of software and systems. Security requirements are taken into account from the outset – from requirements analysis and design to implementation and software testing.

The Security Roadmap documents planned and ongoing measures to increase security and ensures a clear focus for activities. This approach ensures that we can deliver secure systems to our customers.

Creating security together: from concept to implementation

The implementation of a structured Secure Development Lifecycle process makes a significant contribution to compliance with the legal requirements of the German Federal Office for Information Security (BSI), especially for operators of critical infrastructures (KRITIS).

By consistently integrating security measures into the entire development process, from planning and implementation to maintenance, we ensure that our solutions comply with current security standards and actively contribute to meeting the regulatory requirements of the BSI.

We are happy to contribute our expertise in this area and support you in defining suitable security measures and implementing them. Together with you, we analyse the project-specific requirements, derive tailor-made measures and accompany their technical and organisational implementation.

Our goal is not only to ensure compliance with relevant standards and legal requirements, but also to make a sustainable contribution to the security of your systems and data. Let us work together to lay the foundation for a secure and future-proof system, minimising risks in the long term and strengthening your compliance.

Awareness and communication

Another important aspect is raising employee awareness of IT security issues – keyword: ”human firewall”. All employees are regularly informed about current threats, trends and important security measures. Promoting security awareness through transparent and targeted communication is a crucial part of our IT security strategy.

Well positioned for increasing requirements

ebblo meets the challenges of information security with a holistic and systematic approach. Systematic threat analysis, regular certification in accordance with ISO 27001, a structured process for the secure development lifecycle, a documented security roadmap and employee awareness form the foundation for robust security management.

Continuous improvement and transparent communication of audit results ensure that ebblo meets the increasing demands in the area of information security, both today and in the future. Transport companies can rely on our expertise, so that we can continue to move people together – with the safest possible infrastructure.

You might also be interested in this

back

Contact