Nomad Digital & Alstom Webinar: EU Cyber Act Compliance for Rail

Nomad Digital and Alstom host a webinar March 26th, detailing EU Cyber Resilience Act compliance for rail. Secure your market access with these crucial cybersecurity strategies.

January 27, 2026 7:38 pm

🛑 Key Takeaways:

Nomad Digital and Alstom will host a technical webinar on March 26th to detail compliance strategies for the EU’s upcoming Cyber Resilience Act (CRA).
The CRA mandates new cybersecurity requirements for all connected products and digital components sold in the EU, affecting the entire asset lifecycle.
The legislation aims to create a common, risk-based framework, reduce dependency on high-risk non-EU suppliers, and expand the authority of the EU’s cybersecurity agency, ENISA.

BRUSSELS, BE – Nomad Digital and Alstom are preparing the rail industry for the EU Cyber Resilience Act (CRA) with a technical webinar on March 26th. The session will address the act’s new cybersecurity requirements, which will apply to all digital products and components sold in the European market. The CRA is designed to strengthen the EU’s resilience by establishing a unified framework, streamlining compliance, and empowering the EU cybersecurity agency, ENISA, with a central role in threat analysis and incident response.

Category	Specification / Detail
Event	Webinar: Preparing for the EU Cyber Resilience Act
Date & Duration	March 26th (Live broadcast, up to 1 hour)
Key Stakeholders	Nomad Digital, Alstom, EU Commission
Core Legislation	EU Cyber Resilience Act (CRA), an update to the Cybersecurity Act (CSA)
Key Speakers	Eddy Thésée (Alstom), Callum Robinson & Ian Wilson (Nomad Digital)
Referenced Standards	IEC 62443, ISO 27001, TS 50701
Access Cost	Free of charge

Operational & Technical Details

The Cyber Resilience Act will impose far-reaching obligations on rail operators, manufacturers, and software developers. The legislation mandates security-by-design principles, vulnerability management protocols, and transparent security information for the entire product lifecycle. The webinar will feature experts from Nomad Digital and Alstom detailing how existing security frameworks, aligned with standards like IEC 62443 and TS 50701, are being adapted to meet CRA obligations.

A key objective of the CRA, part of a broader update to the EU’s Cybersecurity Act, is to reduce risks from high-risk suppliers outside the European Union. This will be achieved through a common, risk-based framework applied to critical infrastructure. The EU’s cybersecurity agency, ENISA, will gain expanded responsibilities, including threat analysis, incident response coordination, and vulnerability management across the bloc.

Market Impact Analysis

The CRA represents a structural shift in cybersecurity compliance for the rail supply chain, moving from varied standards to a mandatory, unified EU regulation. This will increase the administrative and technical burden on suppliers but also creates a clear benchmark for market access. Companies that proactively integrate the CRA’s requirements into their development lifecycle, as advocated by Nomad and Alstom, will hold a distinct competitive advantage. The act’s focus on supplier risk could also trigger a re-evaluation of supply chains, potentially favouring EU-based or compliant international partners over those from high-risk jurisdictions. This legislation effectively makes robust, verifiable cybersecurity a non-negotiable condition for participation in the EU rail market.

FAQ: Quick Facts

What is the main purpose of this webinar?

The webinar aims to provide practical steps and strategies for rail operators and suppliers to ensure compliance with the new EU Cyber Resilience Act (CRA).

When will the webinar take place?

The live webinar will take place on March 26th and will last for up to one hour. A recording will be available on-demand after the live broadcast.