A recent GovTech article reports that public transit agencies in the U.S. are falling behind in cybersecurity readiness. While larger systems have made some strides, smaller and rural agencies are particularly vulnerable:
Bottom line: As transit systems digitize operations (e.g., dispatch, scheduling, fare systems), cybersecurity must become a top-tier priority. The report suggests that targeted support, mandates, and dedicated resources are essential to protect service continuity and public trust.
The Illinois Department of Transportation (IDOT) has partnered with Cybrbase to launch a first-of-its-kind cybersecurity pilot for six small and rural transit agencies. The initiative uses Cybrbase’s NIST-based platform to help agencies assess and strengthen their cybersecurity posture at significantly lower cost than traditional audits.
Each agency will complete its assessment independently, while also engaging in peer collaboration to share best practices. The pilot aims to close critical cyber gaps and create a model for other states to follow.
“This initiative shows real leadership,” said Scott Belcher, Cybrbase Senior Advisor. “Many agencies don’t realize how vulnerable they are—this project is helping to change that.”
Cybrbase is proud to be a sponsor of the 2025 CTAA Expo, the premier annual event for community and public transportation professionals, taking place this June in San Diego, CA.
As part of our commitment to improving cybersecurity across the transit industry, Cybrbase will be presenting and leading a featured workshop titled,
A Pragmatic Approach to Cyber Resilience. This interactive roundtable will focus on empowering transit teams, fostering cross-agency collaboration, and developing practical, actionable strategies to build cyber resilience—without requiring technical expertise.
In May 2025, Cybrbase co-founders Scott Belcher and Andy Souders co-authored a pivotal study titled Does the Transit Industry Understand the Risks of Cybersecurity and are the Risks Being Appropriately Prioritized?, published by the Mineta Transportation Institute . This comprehensive report assesses the cybersecurity readiness of public transit agencies across the United States, highlighting significant vulnerabilities, especially among small and rural operators.
The study reveals that despite the increasing sophistication of cyber threats, many transit agencies lack essential cybersecurity policies, procedures, and dedicated personnel. Notably, over a third of surveyed agencies have never conducted a cybersecurity assessment, underscoring a critical gap in preparedness.
Belcher and Souders advocate for targeted federal funding and the establishment of minimum cybersecurity standards to bolster the resilience of transit systems nationwide. Their recommendations aim to ensure that agencies, regardless of size, can effectively protect their operations and passengers from evolving cyber threats.
Read the full report here: Mineta Transportation Institute Report
In March, Cybrbase was proud to sponsor the 2025 CTAA Legislative Fly-In, an important annual event that brings together transit leaders from across the country to engage directly with policymakers in Washington, D.C.
As part of our sponsorship and participation, Cybrbase met with congressional staff and agency representatives to advocate for increased cybersecurity funding specifically targeted at small, rural, and mid-sized transit agencies. These systems are often overlooked despite being essential to local mobility and disproportionately vulnerable to cyber threats due to limited resources.
We emphasized the urgent need for dedicated funding, technical support, and awareness programs that help transit agencies protect their operations, passengers, and infrastructure from evolving cyber risks.
November 2024 - Cybrbase is excited to announce the launch of the CybrShield Collaborative™, an innovative and unique platform designed to revolutionize the way transit agencies approach cyber resilience. The CybrShield Collaborative™ brings together transit agencies of all sizes, fostering a trusted environment where they can share best practices, experiences, and strategies to collectively reduce their risk of a cyber event. Together, they are stronger and more resilient.
October 2024 - Cybrbase participated in the National Rural Transit Assistance Program (RTAP) webinar, Cybersecurity for Transit: What You Need to Know, along with Andrew Carpenter Director, N-CATT, Julia Castillo, Executive Director HIRTA Public Transit and Todd Chollet, Cyber Practice Lead at Sunstar Insurance. The webinar covered cybersecurity for transit basics and showed you where you can learn more. It provided guidance for small transit agencies on the actions to take to prevent, respond to, and recover from cyberattacks. Attendees learned practical steps they can implement right away.
Led by the Virginia Innovation Partnership Corporation (VIPC) Virginia Invests is a new initiative aimed at expanding investment and growth opportunities for Virginia-based, innovation-driven startups and entrepreneurial ecosystems throughout the Commonwealth. The objective of the conference is to showcase VA startups that have been founded since 2022 like Cybrbase, and provide the Governor an opportunity to interact with founders and their solutions/products.
Scott Belcher presented along with Todd Chollet, Risk Advisor and Cyber Practice Leader at Sunstar Insurance Group in a webinar moderated by Hilary Nixon, PhD, Deputy Executive Director of the Mineta Transportation Institute (MTI). The webinar discusses the concerns of increased cyberattacks, the average cost to recover and the impact both play on cyberinsurance coverage.
The report offers recommendations on cybersecurity risk management to transit providers, insurance companies, as well as the federal government.
Co-Founder Scott Belcher was named Principal Investigator on two new Mineta Transportation Institute (MTI) research documents. The first White Paper will focus on the state of cybersecurity insurance in transit. The second study will update the findings of MTI seminal study Is the Transit Industry Prepared for the Cyber Revolution? Policy Recommendations to Enhance Surface Transit Cyber Preparedness as well as gather cybersecurity investment data so that transit agencies can benchmark their investments in cybersecurity risk mitigation and resilience.
On October 18th, Co-Founder Scott Belcher presented to the U.S. Department of Transportation’s Cybersecurity Symposium on the necessity of cybersecurity assessments as a baseline for identifying cybersecurity risks and developing a cybersecurity plan.
Copyright © 2025 CYBRBASE - All Rights Reserved.