def
By Jeff Stagl, Managing Editor
During Progressive Railroading’s virtual Rail Summit on May 26, executives from two Class Is and one short-line holding company discussed how the latest information technology (IT) is helping their respective organizations improve customer service or bolster cybersecurity. Titled “IT Advancements to Meet Organizational Strategy,” the event included 11 presentations.
One featured Union Pacific Railroad Assistant Vice President of IT Operations and Systems Development Katie Sanders describing how the Class I is trying to empower customers with optimal online tools and better access to information. The overriding theme of her “Rail Tech Network & Infrastructure'' presentation was how UP is managing, protecting and exploiting its vast IT investments.
UP this year has budgeted $235 million for technologies and $80 million for positive train control enhancements, so the railroad needs to “optimize that technology spend,” said Sanders.
“Many trackside sensors [can] track assets in near real time. We need to extend that visualization out to customers,” she said.
UP owns and manages one of North America’s largest privately owned communications networks, which governs train movements, asset monitoring and operational enhancements. Network connectivity is made possible by 12,000 routers and switches, 4,000 microwave radios, 7,000 data center servers, 1,100 communication towers and two full-service data centers, said Sanders.
“We host hundreds of applications built in-house. And more things continue to be put on the network,” she said. “Maintaining the network is a critical component.”
UP aims to preserve system availability and performance, respond to all alerts, restore and recover systems, and problem solve and eliminate issue occurrences. The Class I also strives to execute critical escalation “swarm” protocols, said Sanders. A swarm is a protocol for distributed data synchronization.
Going forward, UP’s vital areas of network and IT infrastructure are boosting microwave network throughput to support increasing network demand, expanding edge compute and mobile applications to support voice and data communications anywhere, and embracing long-range consist communications to bridge communication gaps as the distances between end points lengthen.
UP also plans to continue to adapt to changing dynamics, such as digital and virtual migration, mobile computing platforms, cloud migration, and mounting internet of things and bandwidth demands, said Sanders.
“Mobility is here to stay. It has accelerated in the COVID world,” she said.
The need to continually provide a top customer experience is here to stay for CSX. The Class I aims to create collaborative solutions that enhance the ease of doing business with the railroad and align well with customers’ needs, said CSX Senior VP of Sales Arthur Adams during his presentation: “Partnering Technological Innovation With Supply Chain Management for Best-in-Class Service.”
“Technology underpins all aspects of CSX [and] is the central focus that ensures we tie it all together,” he said. “It’s an opportunity to increase our market share and attract new customers.”
For example, CSX for a number of years has offered ShipCSX, an online customer tool that can be used to plan, ship, trace and pay for freight. ShipCSX has undergone a collaborative design with customers and the railroad is committed to performing a platform modernization to ensure it offers greater flexibility across devices, said Adams.
There will be future business-to-business integrations and automation through a robust Application Programming Interface (API) platform, he said. APIs are software intermediaries designed to enable two applications to communicate with each other.
“We have been on a journey to enhance this tool,” said Adams, adding that ShipCSX now has 40,000 users. “We want a seamless experience.”
The Class I also is trying to empower employees with the necessary tools to enhance customer interactions, such as electronic documentation and crew enablement. In addition, a Salesforce tool helps empower the sales team to focus on selling with a key interaction measurement process and equip the marketing team with tools to implement strategic pricing actions, said Adams.
In the near future, Big Data will drive key business insights, he believes. Artificial Intelligence and machine learning will assist decision-making, everyone and everything will be
continuously connected, and increased autonomous operations will improve service, said Adams.
“We are trying to revolutionize the customer experience so our solutions fit our customers’ evolving needs,” he said. “We want to harness transformative technology to innovate and foster a high-performance workforce, and provide best-in-class service and unprecedented reliability.”
Watco is trying to harness something important, as well: ensuring cybersecurity is part of its IT deliverables. That’s what Watco Director of Technical Services and Security Greg Robbins stressed during his presentation titled “Reassessing the Matrix.”
The company is striving to approach security from a risk identification and risk mitigation standpoint, and consider second-order effects of identified risks to prevent cyber attacks, he said.
There have been a number of high-profile cybersecurity breaches so far this year, including a cyber attack on IT monitoring and management tool provider SolarWinds Inc. that impacted 18,000 of its customers, said Robbins.
“We want to do all that we do securely. It should be like how safety is part of our operations,” he said.
Watco currently is updating its security risk matrix. The company is trying to identify risk areas, determine how likely an attack could occur, pinpoint any business impacts if a breach occurs, explore available mitigations or controls, and prioritize mitigations.
An internal brainstorming exercise helped identify risks, but “the real eye-opener was when we reached out to peers and consultants,” said Robbins. Watco found that cyber attackers no longer are mostly IT-gifted individuals, but organized groups that resemble large corporations with suppliers and affiliates that are willing to spend money to make money, he said.
The groups employ research and development teams that develop new ransomware software, business tools and dashboards. They also develop and maintain tools, websites and support infrastructure, use affiliates to carry out attacks, work hard to maintain a public image, and attend conferences and events to learn about new attack techniques and system flaws.
“They feel they are professional,” said Robbins. “They can find out what a victim can afford to spend.”
Cyber criminal groups also are innovating, finding ways to profit from extortion, double extortion and triple extortion involving data encryption and stealing sensitive documents. They realize speed to market is key to a successful attack, needing only four to seven days on average to take a patch for a security flaw and reverse engineer it into a working attack tool.
To better understand the current context for cyber threats and risks, Robbins suggests those tasked with cybersecurity talk to those “who have experience in the trenches,” learn from teams working on recent attacks and adjust their company’s risk evaluation.
Admitting your company can be breached is not defeatism, he said.
“Assume that one time, someone will be successful. Defenders have to be right 100% of the time, but attackers only have to be right once,” said Robbins.
The best defense is to optimize for quick detection, stoppage and recovery from an attack. The keys are to develop an incident response plan, store a copy of it offline or in a protected place, test it and familiarize people with it, keep it updated and think through manual processes if needed.
In closing, Robbins reminded attendees not to forget about second order effects.
“If you assume a breach, your business partners will be assumed to be breached and your providers will be assumed to be breached,” he said.