Cybersecurity at tmc is a core mindset. And no one embodies this more than Michael Wachert-Rabl, who joined tmc earlier this year as our Chief Information Security Officer (CISO). With a background that spans finance, industry, and a lifelong passion for railways, Michael brings a unique perspective to one of the most critical areas of our business: securing the future of railway digitalization.
From Finance to Rail-Tech: an unconventional path
Michael’s career began in finance and economics, a world he describes as very virtual. Recently, his interest pivoted toward the industrial sector, where physical products make also his work more tangible. In our case: large track machines, made intelligent. The producing industry fascinates Michael.
That realization led him to the world of Operational Technology (OT) security, a field where cybersecurity is not only about data, but about people, hardware, and physical processes.
A new layer of complexity: securing tmc products
At tmc, Michael faces a distinct challenge: protecting not only traditional corporate IT systems, but also our proprietary products and hardware like the tmMDC. This involves close collaboration with his colleagues, ranging from physicists to software engineers, and product teams who are working on cutting-edge measurement technology.
“Our software is deeply integrated with physical systems, far more complex than typical enterprise IT,” Michael says. “That makes my job very interesting and the solutions we are dedicated to protect more innovative.”
As a passionate railway fan, his childhood model train collection says it all, he’s thrilled to contribute to a greener, more sustainable logistics future and help build a digital backbone for the global railway network.
Today’s threats, tomorrow’s standards
Michael’s focus as CISO spans three core areas:
1. Daily Operational Threats
From phishing and malware to social engineering and supply chain vulnerabilities, the risks are real and ever evolving. Risk assessments and proactive mitigation strategies are part of everyday life.
2. Product-Level Security
Ensuring Security by Design is no longer optional, it’s law. With the Cyber Resilience Act and on the horizon, tmc is embedding threat modeling and secure development lifecycles directly into its products.
3. Corporate and Operational Compliance
tmc as a whole company and its processes are ISO/IEC 27001 certified, a major milestone that was successfully re-certified earlier this year. But that’s just the beginning: operational and physical security processes are being aligned step by step to meet regulatory standards by the end of 2027.
Part of the team, part of the mission
Michael is a central part of tmc’s CTO-led organization, reporting directly to Franz Berger. From internal IT to product management, customer interaction to administrative oversight, his role touches every corner of the organization.
He’s also a team player outside the office: an avid cyclist and strength trainer, sharing his active lifestyle with several tmc colleagues.
Building a secure, sustainable railway future
At tmc, we see cybersecurity as a pillar of success and Michael Wachert-Rabl as a key architect of that foundation. His mission is clear: implement a security-first mindset across the company, from the codebase to the control room.
With Michael on board, tmc products don’t just deliver data and important insights,they deliver trust.