Cyber and information security

Since 2016, MRS has continuously invested to ensure the availability, confidentiality and integrity of information in its operations. Aware of the reality of cyber risks involving organizations around the world, the Company adopts an Information Security Policy for the protection and privacy of information, based on the provisions of the international standard ISO/IEC 27000, which sets the best management practices of security.

To meet the particularities of railway operations, MRS has a robust technological structure that includes the entire architecture of the information systems and comprises modern solutions, often developed specifically for the Company. Among the highlights are a high-performance datacenter and telecommunications infrastructure, ensuring a high level of security and availability in communication and productivity; as well as connectivity to Internet of Things (IoT) and cloud solutions.

In 2022, MRS invested a total of R$ 2.5 million in the implementation of new technologies, process improvement, data protection and awareness campaigns to encourage a safety culture. The initiatives include the progress in the preparation of an information security management plan, through which it will implement, starting in 2023, the use of security governance based on market methodology and framework, establishing rules and policies for the topic; the continuity of a project to ensure the environment resilience, whereby MRS becomes able, in the event of an attack, to recover the environment in the shortest possible time; efforts to increase credential protection and network access; and promoting an awareness campaign on fishing, one of the main attack doors to cyber and information security.