Is the Transit Industry Prepared for the Cyber Revolution? Policy Recommendations to Enhance Surface Transit Cyber Preparedness

Is the Transit Industry Prepared for the Cyber Revolution? Policy Recommendations to Enhance Surface Transit Cyber Preparedness

Abstract: 

The intent of this study is to assess the readiness, resourcing, and structure of public transit agencies to identify, protect from, detect, respond to, and recover from cybersecurity vulnerabilities and threats. Given the multitude of connected devices already in use by the transit industry and the vast amount of data generated (with more coming online soon), the transit industry is vulnerable to malicious cyber-attack and other cybersecurity-related threats. This study reviews the state of best cybersecurity practices in public surface transit; outlines U.S. public surface transit operators’ cybersecurity operations; assesses U.S. policy on cybersecurity in public surface transportation; and provides policy recommendations that address gaps or identify issues for Congress, the Executive Branch, and the public surface transit agencies. Research methods include an online survey of public surface transit professionals in the United States and oral interviews conducted with members of the Executive Branch (e.g., U.S. Department of Transportation, U.S. Department of Homeland Security, The White House, and others), as well as research of literature published in periodicals.

Additional Resources: 

Authors: 

SCOTT BELCHER, JD, MPP
Scott Belcher is the President and CEO of SFB Consulting, LLC, where he specializes in transportation, transportation technology, the internet of things, smart cities, and the environment. Prior to his role at SFB Consulting, Mr. Belcher served as the CEO of the Telecommunications Industry Association for two years and the President and CEO of the Intelligent Transportation Society of America (ITS America) for seven years. Mr. Belcher has more than 35 years of private and public sector experience in Washington, D.C. Before joining ITS America, Mr. Belcher held senior management positions at a number of prominent trade associations, worked in private practice at the law firm of Beveridge & Diamond, PC, and served at the U.S. Environmental Protection Agency. Mr. Belcher serves on a number of public and private advisory boards. Mr. Belcher holds a JD from the University of Virginia, a Masters of Public Policy degree from Georgetown University, and a Bachelor of Arts degree from the University of Redlands in Redlands, California.

TERRI BELCHER
Terri Belcher is a writer and analyst who has worked in Washington, D.C. for the past 30 years. Ms. Belcher has 20+ years of experience working as a policy analyst and writer for the federal government, federal contractors, and numerous non-profits. Ms. Belcher earned a Bachelor of Arts degree from the University of Redlands in Redlands, California. 

ERIC GREENWALD, JD
For the last four years, Eric Greenwald has been the General Counsel of Redacted, a cyber security firm based in San Francisco, CA. He joined Redacted from the White House, where he served as the Special Assistant to the President & Senior Director for Cybersecurity on the National Security Council (NSC). At the NSC, he was charged with coordinating cybersecurity efforts across the federal government on matters of international policy, national security, intelligence, law enforcement, and incident response. Prior to his work at the White House, Eric served as the Principal Deputy Director of the FBI’s National Cyber Investigative Joint Task Force and as the Deputy Director of Operations at U.S. Cyber Command, where he provided legal and policy guidance to senior leadership on defensive and offensive cyber operations. Eric also worked on Capitol Hill as Chief Counsel for the House Permanent Select Committee on Intelligence and served as an Attorney Advisor with the CIA’s Office of General Counsel.

In the private sector, he worked as a litigator and an international trade lawyer with the law firms Steptoe & Johnson and Shearman & Sterling. More recently, he worked as an associate producer for the CBS News program “60 Minutes” and as an editor for National Public Radio. Mr. Greenwald received his bachelor’s degree in international relations from Yale University and his law degree from the University of Michigan Law School.

BRANDON THOMAS, MBA
Brandon Thomas is a Partner at Grayline Group, a firm focused on helping organizations understand and manage for disruption, as well as a Managing Partner of Blockview Partners, a firm focused on understanding the emerging blockchain and cryptocurrency space. Mr. Thomas has worked in both startup and corporate environments as he discovered his passion for working among disruptions. Mr. Thomas co-wrote the initial data strategy Democratic National Committee that went on to  revolutionized campaign politics. He was employee #1 at one of the first software-as-a-services (SaaS) startups in the HR space. More recently, Mr. Thomas has been working on behalf of clients to understand the disruption afoot in the public transit industry. He is co-author of “Chain Reaction: How Blockchain Will Transform the Developing World,” to be published by Palgrave Macmillan in autumn 2020. From the rise of data in politics to the emergence of SaaS to the ubiquitous nature of social media to the emerging blockchain and cryptocurrency realm, Mr. Thomas has worked to build numerous businesses to understand and exploit opportunities spurred by ever-increasing technological change. Brandon received his BA from The George Washington University and his MBA from the University of Texas at Austin.

Published: 

September 2020

Keywords: 

Cybersecurity
Policy
Safety
Security
Transit