Aligning the Transit Industry and Their Vendors in the Face of Increasing Cyber Risk: Recommendations for Identifying and Addressing Cybersecurity Challenges

You are here

Aligning the Transit Industry and Their Vendors in the Face of Increasing Cyber Risk: Recommendations for Identifying and Addressing Cybersecurity Challenges


Public transit agencies in the United States depend on external vendors to help deliver and maintain many essential services and to provide critical technologies, from ticket purchases to scheduling to email management. While the integration of new, advanced technologies into the public transit industry brings important advancements to U.S. critical transportation infrastructure, the application of digital technologies also brings with it a new assortment of digital risks. Transit agencies of all sizes are finding themselves subject to cyber incidents—most notably ransomware attacks—like those experienced by larger, more prominent companies and critical infrastructure providers. The findings in this report focus on helping all parties involved improve in three key areas: cyber literacy and procurement practices, the lifecycle of technology vis-à-vis transit hardware, and the importance of embracing risk as a road to resiliency.



Scott Belcher is the President and CEO of SFB Consulting, LLC, where he specializes in transportation, transportation technology, the internet of things, smart cities, and the environment. Prior to his role at SFB Consulting, Mr. Belcher served as the CEO of the Telecommunications Industry Association for two years and the President and CEO of the Intelligent Transportation Society of America (ITS America) for seven years. Mr. Belcher has more than 35 years of private and public sector experience in Washington, D.C. Before joining ITS America, Mr. Belcher held senior management positions at a number of prominent trade associations, worked in private practice at the law firm of Beveridge & Diamond, PC, and served at the U.S. Environmental Protection Agency. Mr. Belcher serves on a number of public and private advisory boards. Mr. Belcher holds a JD from the University of Virginia, a Masters of Public Policy degree from Georgetown University, and a Bachelor of Arts degree from the University of Redlands in Redlands, California.


Terri Belcher is a writer and analyst who has worked in Washington, D.C. for the past 30 years. Ms. Belcher has 20+ years of experience working as a policy analyst and writer for the federal government, federal contractors, and numerous non-profits. Ms. Belcher earned a Bachelor of Arts degree from the University of Redlands in Redlands, California.


Kathryn Seckman is the Executive Director of Strategy and Analysis at Grayline Group where she partners with organizations to lead purposeful disruption, craft strategic communications, and enable informed decision making. She began her career analyzing transnational threats, leading due diligence assessments, and providing geopolitical risk advisory services to Fortune 100 companies across multiple industries. Ms. Seckman most recently was with General Motors Company, where in 2017 she joined the Global Public Policy team at headquarters in Detroit, Michigan. She was responsible for leading analysis on global trade policy and tariff impacts, as she worked across business units to align business and policy objectives. She participated in national labor negotiations, wrote strategy alignment briefs for Policy, Legal, Manufacturing, and Labor senior executives, and led critical support and communications for CEO engagement in key business associations and boards. She subsequently developed a Workforce Strategy portfolio for GM"s Global Human Resources team, leading the cross-functional strategy design and implementation of inclusive #future of work” principles. Ms. Seckman is a Fulbright Scholar, holds an MA in Security Studies from Georgetown University, and a BA in International Relations from Drake University.


Brandon Thomas is a Partner at Grayline Group, a firm focused on helping organizations understand and manage for disruption, as well as a Managing Partner of Blockview Partners, a firm focused on understanding the emerging blockchain and cryptocurrency space. Mr. Thomas has worked in both startup and corporate environments as he discovered his passion for working among disruptions. Mr. Thomas co-wrote the initial data strategy Democratic National Committee that went on to revolutionized campaign politics. He was employee #1 at one of the first software-as-a-services (SaaS) startups in the HR space. More recently, Mr. Thomas has been working on behalf of clients to understand the disruption afoot in the public transit industry. He is co-author of #Chain Reaction: How Blockchain Will Transform the Developing World.” From the rise of data in politics to the emergence of SaaS to the ubiquitous nature of social media to the emerging blockchain and cryptocurrency realm, Mr. Thomas has worked to build numerous businesses to understand and exploit opportunities spurred by ever-increasing technological change. Mr. Thomas received his BA from The George Washington University and his MBA from the University of Texas at Austin.


Homayun Yaqub brings more than 25 years of security and risk management experience in the public and private sectors. Mr. Yaqub was a Global Security Strategist at Forcepoint and has led multiple risk and security initiatives at JPMorgan Chase & Company. As an independent consultant, Mr. Yaqub advised Global 1000 companies on strategies to better manage risk and enhance their security posture. He was also a founding member of The MASY Group, a global security and risk consulting firm, and has held multiple leadership and executive roles in the Department of Defense and U.S. Intelligence Community.

July 2022
Public transit
Enterprise Risk Management
Cyber attack



Contact Us

SJSU Research Foundation   210 N. 4th Street, 4th Floor, San Jose, CA 95112    Phone: 408-924-7560   Email: