Question to the Department for Transport:

To ask the Secretary of State for Transport, with reference to her Department’s guidance entitled Rail rolling stock procurement: cyber-security, published in March 2026, what steps her Department is taking to help ensure that operational technology cabinets and data ports on existing passenger rolling stock are physically secured against unauthorised access.

The Department for Transport published its ‘Rail rolling stock procurement: cyber-security’ guidance to help industry consider and mitigate cyber risks when procuring rolling stock. This guidance is intended to support those responsible for procurement in ensuring that train technology, including the physical security of operational technology systems, is appropriately secure. Responsibility for securing existing rolling stock sits with operators and asset owners, who are expected to implement proportionate, risk-based measures to prevent unauthorised access, including to cabinets, data ports and other equipment on passenger rolling stock. The Department will continue to review its approach with partners and update guidance where appropriate.