Transforming Cybersecurity: A Strategic Approach for an Iberian Transportation Systems Company

A transportation systems company based in the Iberian region, employing over 13,000 individuals, encountered challenges in evaluating and assessing digital risks across more than 46 airports and 2 heliports in Spain. The organization required improved planning, implementation, and management of cybersecurity audits across its Compliance, IT, and OT departments. Notably, the company conducted over 50 audits annually.

The solution and approach centered on procedures such as RTS and GRC in an OT-oriented strategy. A comprehensive Cybersecurity Plan was designed for the company, addressing the security aspects of hybrid threats. The identification and assessment of the organization's current state of cybersecurity involved understanding business processes and technology usage. Existing cybersecurity gaps were identified to achieve optimal outcomes for the client.

Subsequently, the company successfully achieved compliance with regulations, including EU 2015/1996, GDPR, ISO 27001, and IEC 62433, among others. Recommendations for actions to enhance the organization's cybersecurity posture and improve business continuity were provided. In a proactive measure to mitigate future cybersecurity issues, organization-wide training was conducted, thereby promoting and strengthening the company's cybersecurity awareness.