In today’s increasingly digital world, the safety and security of transit systems have become vital components of transportation infrastructure. With rail and transit networks serving millions of passengers daily, the stakes for cybersecurity have never been higher.
To better understand the challenges and opportunities in this space, we spoke with Hadi Meshgi, PhD, PE, CISSP, Transit Communications and Systems Engineering Lead at VHB, about the evolving landscape of cybersecurity, the critical role of advanced technologies, and strategies for building resilience into modern transportation systems.
VHB: Could you explain why safety and security are so critical in today’s transportation systems?
Hadi: Safety and security are the cornerstones of reliable transportation. Railway and other transit systems are deemed safety-critical because their failures can result in human fatalities or catastrophic events. While safety focuses on preventing accidents and protecting passengers and staff, security aims to protect railway systems, infrastructure, and users from intentional harm caused by malicious activities such as sabotage and cyberattacks. These two priorities are closely linked—a cybersecurity breach can directly impact safety; for instance, an external attack can compromise the availability and/or safety of a train signaling system.
By making safety and security a top priority, transit agencies build public trust and encourage greater ridership. Additionally, a robust safety and security framework minimizes economic risks and helps agencies allocate resources more effectively.
VHB: You mentioned cybersecurity breaches—what kinds of cyber threats are transit systems facing today?
Hadi: The threat landscape is incredibly dynamic, and critical infrastructure, like rail and transit systems, are prime targets for cybercriminals. The digital transformation within the rail transport industry has created new opportunities for these malicious actors. Cyberattacks such as ransomware, malware, phishing schemes, and denial-of-service attacks are growing more sophisticated. Social engineering, for instance, often preys on human psychology—manipulating employees into clicking malicious links or revealing sensitive information. An example of this could be an attacker posing as a contractor to gain access to critical information.
Thankfully, the industry is recognizing passenger safety and cybersecurity go hand in hand. Agencies are strengthening defenses, addressing outdated systems and weak protocols. Staying ahead requires constant monitoring and proactive risk management.
VHB: Are there specific challenges or misconceptions that make it harder for agencies to strengthen cybersecurity?
Hadi: Definitely. A common misconception is that cybersecurity is secondary to physical security, but both are equally important. Agencies must integrate security at every level with a “Secure by Design” approach, training staff and embedding cybersecurity from the start.
Another myth is the “if it isn’t broken, don’t fix it” mindset. Outdated systems often lack regular updates, leaving them vulnerable to attacks. Effective patch management is key to avoiding risks and it requires staying updated on new vulnerabilities and keeping a comprehensive inventory of assets and software.
Lastly, a major misconception is that cybersecurity measures are too expensive to prioritize. While it’s true the benefits aren’t always immediately visible—unlike, say, the installation of a new ticket machine—robust cybersecurity protects systems and data behind the scenes. Over time, it proves to be a cost-effective investment by preventing disruptions.
VHB: How are new technologies like AI helping improve cybersecurity?
Hadi: Advanced technologies are game changers for cybersecurity. AI helps agencies to detect threats in real time, automate responses, and analyze large volumes of data to spot unusual activities. It can flag unauthorized access or anomalies in a critical network, helping agencies act quickly. Deep learning and generative AI can also be used to create chatbots that provide specialized guidance in Operational Technology (OT) and Cybersecurity.
Technologies like Security Information and Event Management (SIEM) systems and the Internet of Things (IoT) also enhance real-time threat detection. SIEM aggregates data from multiple sources and analyzes it for potential breaches, allowing for faster incident response. When combined with IoT, these tools provide better visibility into hidden vulnerabilities, fortifying systems against evolving threats.
That said, managing these tools can be complex. Industrial systems generate a huge amount of data, so it’s important to use smart filtering to focus on the most critical threats.
VHB: For agencies just starting their security modernization journey, what steps should they take to build a solid foundation?
Hadi: Building secure systems starts with thoughtful design and planning. An important first step is adopting a defense-in-depth strategy that involves specifying zones and their connections via conduits, creating defensive layers like a fortress. Much like a fortress, rail infrastructure and rolling stock have long life cycles and security can’t be a one-time effort. Regular maintenance, security assessments, and swift responses to vulnerabilities are essential to staying ahead of evolving threats.
By following risk management practices aligned with cybersecurity laws and regulations, agencies can create a strong, adaptable security framework that protects their systems for the long term.
Want to learn how VHB can support your transit and rail projects? Reach out to Hadi Meshgi to explore solutions that enhance safety, efficiency, and innovation.
