Darin Gray Principal Assurance Engineer (System Safety & Cyber Security), NCB Assurance

Darin Gray

Principal Assurance Engineer (System Safety & Cyber Security)
NCB Assurance

Biography

Darin is NCB’s Principal Assurance Engineer responsible for Railway Cybersecurity Assurance. With a 27 year career in railway control systems and electrical engineering he brings a wealth of experience to Railway OT Cyber Security.

Presentation

Raising the Bar: Defining “Good” Cyber Assurance in Rail OT – From Compliance to Confidence
The regulatory landscape for rail OT is shifting rapidly, with the UK’s Cyber Security and Resilience Bill, the EU’s Cyber Resilience Act and IEC 63452 landing this year and setting a far more demanding expectation for demonstrable cyber assurance. For rail infrastructure controllers, train operators, maintainers, and suppliers, the question is no longer whether compliance is required, it’s how to build an assurance approach that is mature enough to withstand regulatory scrutiny while still being practical in complex operational environments.

This session explores what “good” cyber assurance looks like in a world where product security obligations, lifecycle evidence, and OT‑specific assurance requirements are becoming non‑negotiable. It outlines how organisations can raise the bar by aligning assurance activities with emerging standards, embedding security into engineering and procurement processes, and generating evidence that is credible, repeatable, and defensible. Rather than treating maturity as a checklist, the presentation reframes it as a strategic capability that supports regulatory compliance, strengthens supply‑chain trust, and builds genuine confidence in the resilience of rail OT systems.

Attendees will gain a clear, forward‑looking view of how to prepare for, and thrive under, the new assurance expectations shaping the rail sector.