METRO Magazine Logo
MenuMENU
SearchSEARCH

MTI Follow-Up Report Finds Transit Still Lacking in Cybersecurity

The latest study — “Does the Transit Industry Understand the Risks of Cybersecurity and Are the Risks Being Appropriately Prioritized?” — paints a sobering picture: progress has been slow, uneven, and insufficient to meet the escalating risks posed by cybercriminals.

Staff Writer
Staff WriterEditorial
Read Staff's Posts
May 14, 2025
MTI Follow-Up Report Finds Transit Still Lacking in Cybersecurity

The MTI report makes it clear that cybersecurity is not just a technical concern — it’s a leadership, staffing, and strategic issue. 

Photo: METRO

2 min to read

Despite rising threats and increased reliance on digital systems, America’s transit agencies are still struggling to catch up with basic cybersecurity practices, according to a new report from the Mineta Transportation Institute (MTI).

In its follow-up to a 2020 study that highlighted the sector’s lack of preparedness, MTI’s new report — “Does the Transit Industry Understand the Risks of Cybersecurity and Are the Risks Being Appropriately Prioritized?” — paints a sobering picture: progress has been slow, uneven, and insufficient to meet the escalating risks posed by cybercriminals.

Ad Loading...

Minimal Progress Despite Mounting Threats

Drawing on surveys from 78 agencies, in-depth interviews with transit professionals, and a comprehensive literature review, the study identifies three core challenges still hampering cybersecurity across the industry:

  • Widespread Leadership Disconnect: Many transit executives remain unaware of their organizations' specific cybersecurity risks. Even among those who recognize the danger, there’s often little understanding of the measures being taken — or not taken — by their teams.

  • Missing or Incomplete Cyber Policies: Many agencies lack formal documentation of cybersecurity policies and procedures. These gaps leave them vulnerable to threats and unprepared for incident response.

  • Small Agencies Falling Further Behind: While larger agencies have made some strides, smaller transit operators are lagging significantly. Adopting best practices — such as assessments, policy development, and staff training — is far less common at smaller organizations.

“The increasing sophistication of cybercriminals, in combination with a greater reliance on technology within the transit industry, puts the industry at higher risk than in 2020,” the report’s authors caution.

Recommendations for Closing the Gap

To reverse course, MTI outlines a clear set of action steps:

  • Develop and regularly update a customized cybersecurity plan.

  • Conduct annual cybersecurity assessments and act promptly on the findings.

  • Establish and follow documented cybersecurity policies and procedures.

  • Ensure at least one staff member holds a cybersecurity certification and is qualified to oversee internal systems and third-party vendors.

Ad Loading...

Without these foundational elements in place, agencies remain vulnerable to data breaches, service disruptions, and safety hazards tied to digital infrastructure failures.

A Call for Industry-Wide Coordination

The report makes it clear that cybersecurity is not just a technical concern — it’s a leadership, staffing, and strategic issue. Solving it requires a coordinated, industry-wide response.

As public transit's digital footprint continues to grow — from fare systems and vehicle telemetry to scheduling and customer service platforms — the consequences of inaction become more severe.

“Agencies are not conducting regular cybersecurity assessments or putting basic policies and procedures in place to minimize the likelihood of a cybersecurity breach and to recover from the harm when one occurs,” the report states.

Topics:Mineta Transportation InstituteCybersecurityReportsemergency preparednesssecurityTechnologySecurity and Safety

More Security and Safety

transit tracker connectpoint
Sponsoredby Alex RomanMay 1, 2026

Connectpoint Expands Digital Signage Strategy with LED Push

Connectpoint is enhancing its digital signage strategy by integrating LED technology into its services.

Read More →
frontrunner bus
SponsoredMay 1, 2026

ADA Compliant Transit: Easier, More Dignified Travel for Every Passenger

Today’s riders—and the communities you serve—expect more from public transit. While ADA compliance is required, leading transit agencies know that true accessibility also means delivering dignity, efficiency, and a better rider experience. This whitepaper reveals why forward thinking agencies nationwide choose the Low Floor Frontrunner as their first choice for ADA compliant vehicles—setting a new standard with passenger first design, faster boarding, improved safety, and unmatched operational performance.

Read More →
Photo of disaster in neighborhood near a highway
Security and Safetyby Alex RomanApril 30, 2026

How the Motorcoach Industry Supports Disaster Response and National Preparedness

Fred Ferguson, president and CEO of the American Bus Association (ABA), discussed how the industry prepares for emergencies, the growing recognition of motorcoaches as critical infrastructure, and steps operators can take to strengthen disaster readiness.

Read More →

From Our Partners

Connectpoint Expands Digital Signage Strategy with LED Push

Sponsored by Connectpoint

transit tracker connectpoint
Ad Loading...
DART light rail and transit bus.
Security and Safetyby StaffApril 29, 2026

Dallas Area Rapid Transit Strengthens Safety with Expanded Security Presence

The approved contract modification will increase funding for transit security officer services to a total not-to-exceed amount of $32.1 million, ensuring a continued and visible security presence across DART’s buses, trains, stations, and facilities.

Read More →
Trains at railroad crossings
Security and Safetyby StaffApril 27, 2026

USDOT Invests $1.1B to Enhance Safety Infrastructure at Railroad Crossings

Every year, more than 2,000 incidents and 300 fatalities occur at railroad crossings nationwide. 

Read More →
Siemens and LK Comstock photo for Fulton-Liberty Lines
Security and Safetyby StaffApril 27, 2026

NYC’s Fulton–Liberty Lines Get Digital Signal Upgrade from Siemens and L.K. Comstock

The Siemens CBTC System, Trainguard MT, in compliance with New York Subway Interoperability Interface Specifications, enables trains to run as close as 90 seconds apart, using next-generation signaling and continuous communication to keep operations moving seamlessly.

Read More →
Ad Loading...
SEPTA Transit Police officers
Security and Safetyby StaffApril 21, 2026

Report: Crime on Philadelphia's SEPTA Continues to Drop

According to the new quarterly data, there were double-digit reductions in five of the eight serious crime categories, including aggravated assaults and robberies.

Read More →
A product grouping image of the AngelTrax Vulcan Series VX4AI All-in-One MDVR and V1284HC MDVR
Technologyby StaffApril 8, 2026

AngelTrax, City of Freeport Partnership to Enhance Fleet Safety

The project, finalized on February 12, provides the city with two different configurations of high-definition cameras to outfit 16 buses in the Pretzel City Area Transit fleet.

Read More →
Two ABQ RIDE buses
Security and Safetyby StaffApril 1, 2026

ABQ RIDE Launches ‘Drive Safe, Ride Safe’ Campaign to Strengthen Internal Safety Culture

The 12-month initiative focuses on staff engagement, training, and reducing preventable incidents.

Read More →
Ad Loading...
PSTA, City of Dunedin, and Congresswoman Anna Paulina Luna during a check ceremony for restoration of the Dunedin Pier
Security and Safetyby StaffMarch 31, 2026

PSTA, City Officials Receive Money to Repair Hurricane Ravaged Pier

The funds will specifically reconstruct the portion of the pier used by PSTA’s Clearwater Ferry, creating a permanent dock for the ferry service, which serves as an important transportation and tourism link to other Pinellas County communities.

Read More →
View All