

A Commitment to Quality
Transitioning from a non-UKAS certified certification body to BSI was a strategic decision aimed at enhancing the credibility and robustness of our Quality Management System (QMS). The ISO 9001:2015 certification is a globally recognised standard for quality management, ensuring that organisations consistently meet customer and regulatory requirements while striving for continuous improvement.
The Audit Experience
The audit process conducted by BSI was comprehensive and meticulous. Our auditor demonstrated extensive knowledge of quality systems, thoroughly evaluating our processes and practices. The detailed assessment was instrumental in identifying areas for improvement and reinforcing our strengths. This rigorous evaluation has provided us with valuable insights, enabling us to refine our quality management practices further.
Embracing Change
As we continue our transformation from a service company to a product company, achieving ISO 9001:2015 certification reflects our dedication to quality. This certification is not just a milestone but a confirmation that we adhere to high standards of quality management, fostering trust and confidence in our offerings.
Looking Ahead
We are proud of this accomplishment and the efforts our team has put into achieving this certification. It highlights our commitment to continuous improvement. Moving forward, we will use the insights gained from the BSI audit to enhance our processes and deliver greater value to our customers.
Gratitude and Commitment
We extend our thanks to our team for their hard work and to BSI for their rigorous and informative audit process. This certification is an important step in our journey, reaffirming our commitment to maintaining a robust Quality Management System. We are optimistic about the future and the opportunities that lie ahead, confident that our QMS will continue to drive our success and customer satisfaction.
By sharing our certification journey and the thorough process involved, we aim to highlight our commitment to quality. Achieving ISO 9001:2015 certification is about fostering a culture of continuous improvement and excellence. We are excited to embark on this next chapter and appreciate the support and trust of our customers and stakeholders.
For more information about BSI and ISO9001 certification, please visit the BSI’s website.
Contact: Digital Transit Limited
Website: www.digitaltransit.co.uk
Email: info@digitaltransit.co.uk
Digital Transit Limited, a leading AI-focused company, recently took part in the Secure Innovation Security Review Pilot Scheme, a joint initiative by the National Protective Security Authority (NPSA) and the National Cyber Security Centre (NCSC). This comprehensive review was conducted by Atkins Realis.
The assessment evaluated Digital Transit Limited’s preparedness against a variety of security threats, including insider threats, cyber vulnerabilities, and physical security. Key findings from the review highlighted the following strengths:
Despite these strengths, the review identified areas needing enhancement, which have been promptly incorporated into the Quality Manual:
The review also addressed secure partnerships, recommending that Digital Transit Limited ensure future partners handle information securely and include security clauses in contracts. These recommendations have been taken on board as part of our continuous improvement efforts.
Digital Transit Limited’s participation in this security review underscores their commitment to safeguarding their business. By addressing the identified improvements, they are set to enhance their security defences, protect valuable assets, and secure a competitive edge in the tech industry.
We extend our gratitude to Atkins Realis for their professional assessment, and to the National Protective Security Authority (NPSA), the National Cyber Security Centre (NCSC), and Innovate UK for their support and funding.
Cyber Essentials Plus builds on the Cyber Essentials framework by adding independent validation from an accredited third party. This advanced certification requires organizations to implement the same fundamental protections as Cyber Essentials but includes an audit to ensure these measures are effective against common threats. This audit provides assurance that the security measures are properly implemented and functional in a real-world environment.
For DTL, achieving Cyber Essentials Plus signifies a robust commitment to maintaining a secure digital environment. The hands-on verification process provides an extra layer of assurance that DTL’s cybersecurity measures are both comprehensive and effective. This not only protects the company’s data and systems but also instils greater confidence in clients and partners who rely on DTL’s services.
The successful assessment for Cyber Essentials Plus was made possible through the professional evaluation conducted by Cyber Securities UK. Their expertise ensured that DTL met all the requirements of the certification.
DTL’s journey to Cyber Essentials Plus certification was also facilitated by the National Cyber Security Centre (NCSC) through their funded Cyber Essentials Programme. This initiative is focused on supporting small organisations with low levels of cyber maturity that handle sensitive data and would be significantly impacted by cyber disruptions. By offering Cyber Essentials Plus at no cost to high-risk sectors, the NCSC aims to enhance the overall cybersecurity posture across critical industries.
With Cyber Essentials Plus certification, DTL is better equipped to handle the complexities of modern cyber threats. This achievement not only reinforces the company’s commitment to cybersecurity but also sets a benchmark for other organisations in the sector. As DTL continues to grow and innovate, maintaining robust cybersecurity measures will remain a top priority, ensuring the safety and reliability of its services.
For more information about the Cyber Essentials Programme and the importance of cybersecurity, please visit the NCSC’s Cyber Essentials Overview and the Funded Cyber Essentials Programme.
Contact: Digital Transit Limited
Website: www.digitaltransit.co.uk
Email: info@digitaltransit.co.uk
Published on:
The introduction of the IEC 63452 standard next year will represent a crucial update in the realm of railway systems cybersecurity. This standard will replace the current Technical Specification, TS 50701, enhancing and expanding the framework to better address today’s cybersecurity challenges within the railway industry.
IEC 63452 introduces a more specific cybersecurity framework designed for railway applications. It emphasises continuous monitoring and cybersecurity assurance, allowing railway operators to respond more effectively to changing threats. The standard organises vulnerability management in a structured way, ensuring timely identification and mitigation of security vulnerabilities to protect critical infrastructure.
IEC 63452 offers detailed methodologies for risk assessment, advancing beyond the broader guidelines of TS 50701. It includes classification of different areas within the railway system based on their security needs, facilitating targeted and efficient security measures.
IEC 63452 integrates the management of safety and security considerations, encouraging a combined approach to engineering these aspects to improve overall system integrity and reliability. The standard promotes measurable security measures providing a framework to evaluate security effectiveness. In continuation of the approach and improving it.
The standard provides a comprehensive approach to managing cybersecurity within railway systems, adhering to the guidelines of IEC TC 9 and applicable across all relevant sectors within the railway industry.
It integrates the requirements from the IEC 62443 series, which are specifically designed for cybersecurity, and adapts these for the railway application domain. This includes a detailed application of cybersecurity standards and instructions on interfacing these standards with the general reliability, availability, maintainability, and safety (RAMS) lifecycle as outlined in the IEC 62278 series.
The standard ensures synchronization among various stakeholders by defining their responsibilities and presenting the security assumptions clearly. It also outlines how these cybersecurity protocols can be applied to other lifecycle processes.
Compliance with IEC 62443-2-1:2010 is maintained, providing security models, concepts, and a risk assessment process specifically tailored for the railway sector. This approach helps identify and manage residual risks associated with security threats to a level that is acceptable for railway operators and infrastructure managers.
The primary goal of the standard is to offer support and guidance for protecting critical aspects of railway Systems under Consideration (SuC) such as safety, operations, financial interests, reputation, regulatory compliance, and social stakes against cyber-attacks and the unintended consequences of configuration or maintenance activities.
Additionally, the standard provides guidance on cybersecurity assurance during the build phase of SuCs and offers recommendations for security management during the operational and maintenance phases.
It is important to note that while the standard provides a robust framework for cybersecurity and its integration with safety, it does not set forth any specific safety requirements or constraints on safety cases for railway systems. Instead, it guides on how cybersecurity measures relate to safety protocols.
The standard provides comprehensive guidelines that span the entire lifecycle of railway systems, from installation to decommissioning. This approach ensures that cybersecurity is an integral part of every stage in a system’s lifecycle, enhancing the long-term sustainability and security of railway operations.
The adoption of IEC 63452 is a useful step towards addressing the complex cybersecurity issues currently facing the railway industry. By establishing a robust framework that incorporates risk management, and integrates safety and security throughout the system’s lifecycle, IEC 63452 aims to set a new standard for railway cybersecurity globally.
Published on:
Digital Transit Limited, a UK-based company at the forefront of Artificial Intelligence technology development, has recently secured two critical sources of funding aimed at significantly enhancing its cybersecurity framework. Already holding the Cyber Essentials qualification, Digital Transit Limited is poised to elevate its cybersecurity measures to the next level with the Cyber Essentials Plus certification through the Funded Cyber Essentials Programme run by IASME and funded by the National Cyber Security Centre (NCSC).
The Cyber Essentials Plus certification offers a robust upgrade from the basic Cyber Essentials accreditation, providing an external validation of the company’s cybersecurity defences. This advanced certification ensures a higher level of security assurance, essential for protecting against common cyber threats such as hacking, phishing, and password guessing. The move not only boosts Digital Transit Limited’s defence mechanisms but also enhances customer trust and positions the company favourably within sensitive supply chains and government contracts.
In addition to the cybersecurity upgrade, Digital Transit Limited is participating in the “Secure Innovation” pilot scheme, a groundbreaking initiative in collaboration with the National Protective Security Authority (NPSA), Innovate UK, and the NCSC. This scheme addresses the growing security threats faced by the UK’s emerging tech industry, offering a strategic approach to fortify security measures across various dimensions, including cyber, physical, personnel, and supply chain risks.