Securing Public Transit in the New Age

As Skylar Woodhouse wrote for Bloomberg, “US public transit systems face a long road to recovery.” With the pandemic and large-scale adoption of work-from-home models, commuting patterns have yet to return to what they were. According to research, public transit systems are projected to reach about 75% of their pre-COVID levels by the end of 2025. Getting to 100% will likely take even longer. It’s been predicted that New York’s Metropolitan Transportation Authority may not see such activity until around 2035.

Why Funding is Needed for Public Transit Cybersecurity

So, how does this connect to cybersecurity? It mainly comes down to funding. Ridership is essential to financial standing, and without it, compromises may need to be made. Where cuts occur is important to consider, though, because the industry is already facing a series of challenges. In addition to struggling with general upkeep, the ability to make improvements may also fall behind, which matters in the case of cybersecurity.

Mineta Transportation Institute at San Jose State University recently released a report titled “Aligning the Transit Industry and Their Vendors in the Face of Increasing Cyber Risk.” In it, the researchers concluded that “the hardware and software lifecycles in public transit are ‘out of sync,’” according to Cities Today. This means that designs created to last around 15 years contain software that hasn’t been updated. In turn, these systems are left exposed to potentially detrimental vulnerabilities. And it’s not far reaching to imagine that a mass transit network could be impacted by a cyberattack. The Bay Area Rapid Transit system, Southeast Pennsylvania Transportation Authority, Vancouver’s Translink, New York’s Metropolitan Transportation Authority, Dallas Area Rapid Transit, Ann Arbor Area Transportation Authority and the Santa Clara Valley Transportation Authority are just some, as listed by Cities Today, that have been faced with this reality.

Examples of Public Transit Cybersecurity Assistance

Furthermore, the growing integration of connected services such as credit card processing, data storage and location tracking require enhanced cybersecurity practices. While helpful in ushering in the new generation of transit, these technical advances also widen opportunities for cyber breaches. There are solutions that operators can pursue to address this rising issue. For example, they can improve communication with vendors and identify a security leader to facilitate this process. They can also make sure that cyber risk is added into the overall physical risk management strategy for the facility. But much of this takes money.

As a part of a broader federal and governmental initiative that has been unfolding to strengthen critical infrastructure cybersecurity, including transportation, Secretary of Homeland Security Alejandro N. Mayorkas announced in mid-August that $550 million in final allocations for seven Fiscal Year 2022 would be going toward competitive preparedness grant programs. This is in addition to the nearly $1.5 billion already set aside for non-competitive grand funding. Of that money, $93 million is to go to owners and operators of public transit systems. Amtrak, specifically, will receive $10 million. There are certain areas that recipients are expected to use the funding to address, among which is cybersecurity.

In another case of funding assistance for public transportation, the city of Grand Forks said that it was rewarded $7.76 million from the Federal Transit Administration. In addition to improvements for elements like broadband infrastructure, these finances are intended to be put toward cybersecurity projects as well.  



Table of Contents

Subscribe to
The Dellfer Brief

The latest industry insights and company news delivered to your inbox.

See Our Blog Posts

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This White Paper

Enter Your Information to Access This Datasheet

Enter Your Information to Access This Datasheet