Transport.

OT cyber resilience across rail, road, aviation and maritime, the networks that move people and freight.

TS 50701
EASA Part-IS
IMO / IACS
NIS2

When transport stops, it stops in public.

Transport is critical national infrastructure. Increasingly, the thing that stops it is not a direct attack on the operator, it is a shared digital service or a single supplier going dark.

In 2022, a security incident at a single rail software supplier halted every train across Denmark's national operator for hours, without the operator's own network ever being touched.

The pattern is consistent across every mode: the OT and shared services that run transport were built for safety and availability, not for adversaries. Connectivity and supplier concentration have outpaced the controls that should govern them.

$300m

NotPetya · Maersk, 2017

A single attack paralysed container shipping worldwide, the landmark case for how fast OT disruption spreads across a global network.

4airports

Collins MUSE, 2025

Heathrow, Brussels, Berlin and Dublin forced back to manual check-in for days after one shared-platform compromise.

4/wk

Nationally significant incidents

Now handled every week by the UK's National Cyber Security Centre.

Three capability areas

Our work is organised into three capability areas. Each maps directly onto the transport problems that follow, across all four modes: rail, road, aviation and maritime.

Industrial Resilience

Prepare for, withstand and recover from cyber incidents and operational disruption.

NEXION Cyber Resilience Platform
Readiness for major incidents
Governance, Risk & Compliance
Penetration testing

Operational Technology

Secure and modernise control systems and OT environments.

OT Programme Design & Delivery
Site Enablement
OT Security Due Diligence
Data & AI Governance in OT
OT Supply-Chain Security & GRC

Industrial Tech & Innovation

Help operators navigate operational reality and digital innovation.

Industrial domain advisory
Agentic BPMN
AI-ready data architecture
AI governance
Data governance

We are vendor-, tool- and standard-agnostic. We map to NIS2 and the sector standards that govern each mode, without locking you into any one of them.

TS 50701
EASA Part-IS
IMO / IACS
NIS2

Four modes, one operational reality

Our work maps directly onto the transport problems operators face, across all four modes: rail, road, aviation and maritime.

01Transport

Rail

Signalling, control, traction power, stations and depots, passenger and freight networks.

The problem

Rail runs on safety-critical OT with decades-long lifecycles: signalling and interlockings, train control (ETCS/CBTC), traction-power SCADA, station and depot systems, and GSM-R/FRMCS communications. As these converge onto IP networks the attack surface grows, while the safety-assurance regime (CENELEC, TS 50701) leaves little room for disruptive change. The estate is geographically vast and hard to monitor, and operators depend on a small number of suppliers and integrators. The Danish DSB case made the consequence plain: an incident at one software supplier halted an entire national network for hours, without the operator's own systems being attacked.

OT Programme Design & Delivery
Site Enablement
OT Supply-Chain GRC
Readiness for major incidents
OT Security Due Diligence

How we solve it

Build asset visibility across signalling, traction-power SCADA and station systems, without touching their safety integrity, delivered by engineers who understand rail OT.
Zone and segment the estate along IEC 62443 / TS 50701 lines, separating safety-critical signalling from corporate and supplier networks.
Tier and continuously assure suppliers, integrators and software providers; the DSB lesson is that a partner's outage can stop your whole network.
Put incident readiness in place that assumes a service-down scenario, with rehearsed recovery that gets trains moving safely again.
Maintain a live view of OT posture across a dispersed estate, and assure cyber at the point of new signalling and rolling-stock programmes.

Service continuity, with safety-case integrity preserved as signalling becomes more connected.

Visibility of, and leverage over, the suppliers and integrators that can halt the network.

Faster, rehearsed recovery when an incident hits.

Demonstrable alignment to NIS2 and rail cyber standards such as TS 50701.

02Transport

Road

Intelligent transport systems, tunnels and motorways, tolling, EV charging and freight logistics.

The problem

Road networks run on OT spread across thousands of roadside locations: traffic signals, variable-message signs, tunnel and motorway control SCADA, tolling, and a fast-growing EV-charging estate, increasingly joined by connected and automated-vehicle infrastructure. Much of it sits on exposed roadside networks never designed for adversarial security. Manipulation of signals, tunnel ventilation or control-room systems is a safety hazard, not just an IT outage; and the logistics and fleet operators that move freight have repeatedly lost weeks of operation to ransomware. The estate is highly distributed and hard to monitor or physically secure.

OT Programme Design & Delivery
Penetration testing
OT Supply-Chain GRC
Readiness for major incidents
Data governance

How we solve it

Build visibility and segmentation across ITS, control-room SCADA, tolling and EV-charging systems, and validate the separation with OT-safe testing.
Harden roadside and control-room assets and bring remote-maintenance access under control.
Tier and assure ITS integrators, tolling providers and charge-point operators, the partners your network depends on.
Put readiness in place for control-room-down and logistics-down scenarios, with rehearsed recovery.
Assure cyber posture at the point of smart-infrastructure capex, and govern the data that connected infrastructure generates.

Protected road-network availability and public safety.

Reduced exposure across a sprawling, distributed roadside estate.

Supply-chain leverage over ITS and charging providers, and more resilient logistics.

Cyber risk priced into smart-infrastructure investment, not discovered after go-live.

03Transport

Airlines & aviation

Airline operations, airport ground systems, baggage handling and shared service platforms.

The problem

Aviation runs on a dense web of shared systems and suppliers: airport check-in, boarding and baggage-handling platforms, airline operations systems, ground-support equipment, and the airport OT behind power, fuel and building services. The September 2025 ransomware attack on Collins Aerospace's MUSE check-in platform showed how fragile this is, a single supplier compromise forced Heathrow, Brussels, Berlin and Dublin back to manual check-in for days. Aviation is also a standing target for criminal and state-sponsored actors. The efficiency of shared, centralised platforms is exactly what turns one incident into continental disruption.

OT Supply-Chain Security & GRC
OT Programme Design & Delivery
Readiness for major incidents
OT Security Due Diligence
Governance, Risk & Compliance

How we solve it

Map the supplier and shared-service dependency chain and tier it by criticality; the MUSE incident is the clearest case for knowing where your single points of failure are.
Segment and harden airport OT, baggage handling, ground systems, building and power SCADA, and bring third-party access under control.
Put readiness in place with tested manual-fallback playbooks, so a platform outage degrades operations rather than stopping them.
Maintain continuous posture monitoring, and assure cyber at the point of new airport-system and integrator contracts.
Align the programme to EASA Part-IS and NIS2, with board-ready reporting.

Passenger operations protected, with a tested fallback when a shared platform fails.

Reduced single-supplier exposure across the airport estate.

Faster recovery and a rehearsed response to platform-down events.

Alignment to EASA Part-IS and NIS2, and stronger standing with regulators and insurers.

04Transport

Maritime

Ports and terminals, and vessels, bridge, navigation, propulsion and cargo systems.

The problem

Maritime risk spans two connected worlds: ports, terminal operating systems, cranes, gate and yard automation, and the OT behind power and fuel, and vessels, where bridge systems, ECDIS, propulsion, ballast and cargo control increasingly sit behind satellite links and OEM remote access. The 2017 NotPetya attack on Maersk is the landmark case: it halted container operations worldwide and cost an estimated $300m. Onboard OT was historically isolated; connectivity has changed that faster than the controls have kept up. Regulators have responded, cyber risk now sits inside ships' safety management systems, and classification rules set expectations for newbuild cyber resilience.

OT Programme Design & Delivery
Site Enablement
OT Supply-Chain GRC
Readiness for major incidents
OT Security Due Diligence

How we solve it

Build asset visibility across port OT and onboard systems, and bring vessel satcom and OEM remote access under control.
Segment port and onboard networks, separating safety- and navigation-critical systems from the rest.
Tier and assure suppliers, OEMs and integrators across the port and fleet.
Put readiness in place for port-down and vessel-down scenarios, with rehearsed recovery.
Assure cyber at the point of port-automation capex and newbuild vessels, aligned to IMO and classification rules (IACS UR E26/E27).

Protected port throughput and vessel availability.

Controlled, monitored remote access to onboard and port OT.

Faster recovery and a rehearsed response to incidents at sea or in port.

Alignment to IMO and IACS UR E26/E27, and to NIS2 where applicable.