Description
Public transit agencies in the United States depend on external vendors to help deliver and maintain many essential services and to provide critical technologies, from ticket purchases to scheduling to email management. While the integration of new, advanced technologies into the public transit industry brings important advancements to U.S. critical transportation infrastructure, the application of digital technologies also brings with it a new assortment of digital risks. Transit agencies of all sizes are finding themselves subject to cyber incidents—most notably ransomware attacks—like those experienced by larger, more prominent companies and critical infrastructure providers. The findings in this report focus on helping all parties involved improve in three key areas: cyber literacy and procurement practices, the lifecycle of technology vis-à-vis transit hardware, and the importance of embracing risk as a road to resiliency.
Publication Date
7-2022
Publication Type
Report
Topic
Security and Counterterrorism, Transit and Passenger Rail, Transportation Technology
Digital Object Identifier
10.31979/mti.2022.2113
MTI Project
2113
Mineta Transportation Institute URL
https://transweb.sjsu.edu/research/2113-Cybersecurity-Ransomware-Public-Transit
Keywords
Cybersecurity, Ransomware, Public Transit, Cyber attack, Enterprise Risk Management
Disciplines
Information Security | Systems Architecture | Transportation
Recommended Citation
Scott Belcher, Terri Belcher, Kathryn Seckman, Brandon Thomas, and Homayun Yaqub. "Aligning the Transit Industry and Their Vendors in the Face of Increasing Cyber Risk: Recommendations for Identifying and Addressing Cybersecurity Challenges" Mineta Transportation Institute (2022). https://doi.org/10.31979/mti.2022.2113
Research Brief