The European Rail Traffic Management System (ERTMS) with its various projects aims to unify the standards for communication and train control on a European basis. The European Train Control System (ETCS) is designed to simplify the equipment of routes in the Trans-European Networks, but has also found its way across other rail infrastructures. The ERTMS Users Group (EUG) represents the interests of the infrastructure managers. In this group, INCYDE represents the position of DB Netz AG with regard to the security of ETCS. This includes, among other things, the analysis of risks of the current ETCS standards. Recommendations for measures that can be integrated into existing systems resulted from this. Furthermore, efforts were made to plan a future security cluster within the EUG so that aspects of OT security can already be taken into account when designing the next versions of the ETCS standard.