Is the Transit Industry Prepared for the Cyber Revolution? Policy Recommendations to Enhance Surface Transit Cyber Preparedness

Document Type


Publication Date


Subject Area

place - north america, planning - personal safety/crime, planning - safety/accidents, planning - surveys, technology - intelligent transport systems


Cybersecurity, Policy, Safety, Security, Transit


The intent of this study is to assess the readiness, resourcing, and structure of public transit agencies to identify, protect from, detect, respond to, and recover from cybersecurity vulnerabilities and threats. Given the multitude of connected devices already in use by the transit industry and the vast amount of data generated (with more coming online soon), the transit industry is vulnerable to malicious cyber-attack and other cybersecurity-related threats. This study reviews the state of best cybersecurity practices in public surface transit; outlines U.S. public surface transit operators’ cybersecurity operations; assesses U.S. policy on cybersecurity in public surface transportation; and provides policy recommendations that address gaps or identify issues for Congress, the Executive Branch, and the public surface transit agencies. Research methods include an online survey of public surface transit professionals in the United States and oral interviews conducted with members of the Executive Branch (e.g., U.S. Department of Transportation, U.S. Department of Homeland Security, The White House, and others), as well as research of literature published in periodicals.


Permission to publish the abstract has been given by Mineta Transportation Institute, copyright remains with them.