Both operational and security requirements (the risk of cybercrime in particular) fuel a continual demand for further development of our IT systems. Given the tight labour market, we may not be able to find enough staff with the right levels of expertise, in which case not all IT systems would satisfy the requirements. The consequence of this would be that NS fails to live up to its strategic ambitions and cannot guarantee the continuity of its service.
We need reliable IT systems for running our timetable and delivering sufficient services to our customers. IT is an increasingly important and critical factor in running NS’s operations, in particular in the provision of information for our passengers, and in timetable control and adjustment. Our ability to facilitate this rests on three cornerstones: a stable, efficient and scalable IT infrastructure; sufficient and qualified staff; and systems that are sufficiently manageable. There are currently risks for each of these cornerstones. Legacy systems are an issue for a stable, efficient and scalable IT infrastructure. In an increasingly tight labour market, recruiting and retaining the right staff is a growing risk. And manageability is negatively affected by strong dependence on external suppliers.
Outdated business applications will be replaced as necessary. We have set up separate programmes for highly critical systems for this. In addition, we are running long-term programmes for the development of cloud infrastructure and data platforms. For the recruitment of staff, NS collaborates intensively with training institutions and staffing agencies. Centralisation and sound architecture are used for keeping the IT environment manageable. NS is continually investing in strengthening its cybersecurity.
The Recruitment department runs intensive IT labour market campaigns to recruit new IT staff. In these campaigns, NS is presented as a socially relevant employer that offers an attractive IT domain for new recruits.
Based on the cyber roadmap, NS has made several important steps towards increasing its resilience to cyber-attacks.
Risk control trend
In 2019, we made huge strides in the replacement of critical systems, such as the phasing out of the old train control system, and in the management of cyber risks, although we will need to continue developments in this field.