METRO Magazine Logo
MenuMENU
SearchSEARCH

MTI Follow-Up Report Finds Transit Still Lacking in Cybersecurity

The latest study — “Does the Transit Industry Understand the Risks of Cybersecurity and Are the Risks Being Appropriately Prioritized?” — paints a sobering picture: progress has been slow, uneven, and insufficient to meet the escalating risks posed by cybercriminals.

Staff Writer
Staff WriterEditorial
Read Staff's Posts
May 14, 2025
MTI Follow-Up Report Finds Transit Still Lacking in Cybersecurity

The MTI report makes it clear that cybersecurity is not just a technical concern — it’s a leadership, staffing, and strategic issue. 

Photo: METRO

2 min to read

Despite rising threats and increased reliance on digital systems, America’s transit agencies are still struggling to catch up with basic cybersecurity practices, according to a new report from the Mineta Transportation Institute (MTI).

In its follow-up to a 2020 study that highlighted the sector’s lack of preparedness, MTI’s new report — “Does the Transit Industry Understand the Risks of Cybersecurity and Are the Risks Being Appropriately Prioritized?” — paints a sobering picture: progress has been slow, uneven, and insufficient to meet the escalating risks posed by cybercriminals.

Ad Loading...

Minimal Progress Despite Mounting Threats

Drawing on surveys from 78 agencies, in-depth interviews with transit professionals, and a comprehensive literature review, the study identifies three core challenges still hampering cybersecurity across the industry:

  • Widespread Leadership Disconnect: Many transit executives remain unaware of their organizations' specific cybersecurity risks. Even among those who recognize the danger, there’s often little understanding of the measures being taken — or not taken — by their teams.

  • Missing or Incomplete Cyber Policies: Many agencies lack formal documentation of cybersecurity policies and procedures. These gaps leave them vulnerable to threats and unprepared for incident response.

  • Small Agencies Falling Further Behind: While larger agencies have made some strides, smaller transit operators are lagging significantly. Adopting best practices — such as assessments, policy development, and staff training — is far less common at smaller organizations.

“The increasing sophistication of cybercriminals, in combination with a greater reliance on technology within the transit industry, puts the industry at higher risk than in 2020,” the report’s authors caution.

Recommendations for Closing the Gap

To reverse course, MTI outlines a clear set of action steps:

  • Develop and regularly update a customized cybersecurity plan.

  • Conduct annual cybersecurity assessments and act promptly on the findings.

  • Establish and follow documented cybersecurity policies and procedures.

  • Ensure at least one staff member holds a cybersecurity certification and is qualified to oversee internal systems and third-party vendors.

Ad Loading...

Without these foundational elements in place, agencies remain vulnerable to data breaches, service disruptions, and safety hazards tied to digital infrastructure failures.

A Call for Industry-Wide Coordination

The report makes it clear that cybersecurity is not just a technical concern — it’s a leadership, staffing, and strategic issue. Solving it requires a coordinated, industry-wide response.

As public transit's digital footprint continues to grow — from fare systems and vehicle telemetry to scheduling and customer service platforms — the consequences of inaction become more severe.

“Agencies are not conducting regular cybersecurity assessments or putting basic policies and procedures in place to minimize the likelihood of a cybersecurity breach and to recover from the harm when one occurs,” the report states.

Topics:Mineta Transportation InstituteCybersecurityReportsemergency preparednesssecurityTechnologySecurity and Safety

More Security and Safety

SEPTA Transit Police officers
Security and Safetyby StaffApril 21, 2026

Report: Crime on Philadelphia's SEPTA Continues to Drop

According to the new quarterly data, there were double-digit reductions in five of the eight serious crime categories, including aggravated assaults and robberies.

Read More →
A product grouping image of the AngelTrax Vulcan Series VX4AI All-in-One MDVR and V1284HC MDVR
Security and Safetyby StaffApril 8, 2026

AngelTrax, City of Freeport Partnership to Enhance Fleet Safety

The project, finalized on February 12, provides the city with two different configurations of high-definition cameras to outfit 16 buses in the Pretzel City Area Transit fleet.

Read More →
Two ABQ RIDE buses
Security and Safetyby StaffApril 1, 2026

ABQ RIDE Launches ‘Drive Safe, Ride Safe’ Campaign to Strengthen Internal Safety Culture

The 12-month initiative focuses on staff engagement, training, and reducing preventable incidents.

Read More →
Ad Loading...
frontrunner bus
SponsoredApril 1, 2026

Breaking Accessibility Barriers with the Low Floor Frontrunner Minibus

Accessible transit isn’t a feature—it’s a responsibility. This whitepaper explores how the Low-Floor Frontrunner is redefining mobility with a breakthrough design that removes barriers, empowers riders, and delivers measurable operational advantages for agencies. Discover why this next generation minibus is setting a new standard for inclusive transportation.

Read More →
PSTA, City of Dunedin, and Congresswoman Anna Paulina Luna during a check ceremony for restoration of the Dunedin Pier
Security and Safetyby StaffMarch 31, 2026

PSTA, City Officials Receive Money to Repair Hurricane Ravaged Pier

The funds will specifically reconstruct the portion of the pier used by PSTA’s Clearwater Ferry, creating a permanent dock for the ferry service, which serves as an important transportation and tourism link to other Pinellas County communities.

Read More →
A blue and white graphic with Safety Vision's logo and text reading "Report Shows Growing Impact of AI-Powered Video."
Security and Safetyby Staff and News ReportsMarch 26, 2026

AI Video Systems Emerging as Core Safety Infrastructure, Safety Vision Report Finds

Between accident prevention and insurance savings, new research outlines how transportation fleets are leveraging intelligent video and telematics technologies.

Read More →
Ad Loading...
A screenshot of ZeroEyes AI gun detection technology.
Railby Staff and News ReportsMarch 24, 2026

ZeroEyes Launches ZeroLink to Expand AI Gun Detection Beyond Traditional Networks

New edge-based solution enables real-time threat detection and situational awareness in remote, mobile, and infrastructure-limited environments.

Read More →
Rendering of CTA railcar
Security and Safetyby StaffMarch 19, 2026

FTA Launches Safety Inspections, Plans Directive to IDOT on CTA Issues

The FTA said its actions build on its nationwide campaign to make transit systems safer for American families.

Read More →
Close up of a public transit bus tire with text reading "House Committee Advances “Dalilah’s Law” to Strengthen CDL Safety Standards."
Security and Safetyby StaffMarch 19, 2026

House Committee Advances 'Dalilah’s Law' to Strengthen CDL Safety Standards

The bill would tighten CDL requirements, enhance training standards, and increase oversight of commercial driver licensing nationwide.

Read More →
Ad Loading...
A CTA railcar in a Chicago station
Security and Safetyby StaffMarch 11, 2026

CTA Sends Expanded Security Plan to FTA, Boosts Policing Hours by 75%

The Plan is CTA's formal response to an FTA Special Directive issued in December and details how the agency will significantly expand the law enforcement surge it launched.

Read More →
View All