The railway is one of the most important infrastructures, and its security is as important as that of other critical infrastructures. With the increase in cyber-attacks, interest in the field of cybersecurity is growing. The history of cyber incidents suggests that the railway needs immediate security measures or defensive controls against forthcoming advanced persistent threats (APTs). The Cyber Kill Chain (CKC) is one of the most widely used models for the identification, detection, and prevention of advanced persistent threats. The CKC model, introduced by Lockheed Martin, consists of seven stages: Reconnaissance, Weaponize, Delivery, Exploitation, Installation, Command & Control, and Act on Objective. Breaking the chain as early as possible in the CKC model helps the defender stop the adversary's malicious actions. As the railway adopts digital technologies, there is a risk that an adversary can penetrate the system by following the steps of the CKC. The objective of this research is to reduce the risk of cyber-attacks by proposing the Railway Defender Kill Chain (RDKC), which provides security controls at each phase of the Cyber Kill Chain to predict, prevent, detect, and respond to cyber threats.
ISBN of host publication: 978-91-7790-475-5