A rising network of interconnections, new technologies and an increasing degree of digitization mean that the rail sector, both locally, as well as to a global degree, is currently in the midst of significant internal transformations. Both the business model and infrastructure are being transformed, including that for information systems. The purpose of this analysis is to systemic approach to the subject. Cyber threats are treated here not as a cause of insecurity, but as the result of a system's frailty. The subject of the study is discussed in the context of rail traffic in Poland. The author points out the changes in cyber security that Poland is experiencing and suggests possible scenarios for the near future. He points out that train traffic security is one of the main aspects of the digitization of critical infrastructure in Poland. The author aims to show that train traffic security depends on a number of factors. The article presents a proposed typology of cyber threats to rail traffic.