Cybrbase, the transportation infrastructure cybersecurity firm has joined with the Illinois Department of Transportation (IDOT) to pilot a groundbreaking group-based cybersecurity vulnerability assessment across six small, and midsize rural Illinois transit agencies. These agencies include Decatur Public Transit System, Piatt County Public Transportation, QC Metrolink, Reagan Mass Transit and Warren County Public Transportation.

The pilot addresses the issue of cybersecurity among local agencies, often challenged by limited budgets and staff, and routinely left out of the cybersecurity conversation. It is designed to identify and mitigate security risks that could compromise public safety, transportation systems, and municipal operations, all at a significantly lower cost than traditional cybersecurity audits and without the disruption and potentially tremendous expense of responding to a cyberattack after the fact.

With cybersecurity threats to transportation infrastructure increasing and growing more sophisticated, IDOT took proactive steps to support an initial cohort of its transit agency partners. The Cybrbase approach is unique in its balance of privacy and collaboration. Each agency completes its assessment independently and confidentially, while still leveraging the non-competitive nature of public transit to engage in shared best practices, group discussions, and peer learning across the cohort.

The project simplifies cybersecurity assessments by leveraging Cybrbase’s proprietary NIST-CRR based platform powered by AI, making it easier for agencies to uncover critical vulnerabilities and develop risk mitigation strategies based on their risk tolerance and resources. “We are thrilled to be working with Illinois DOT on this pilot,” said Scott Belcher, Senior Advisor at Cybrbase, Mineta Transportation Institute (MTI) Research Associate, and former CEO of the Intelligent Transportation Society of America. “As a transportation leader, Illinois DOT is closely watched by other agencies around the nation who may not be aware that cybersecurity vulnerabilities exist among their transit agencies. This initiative is intended to close that gap.”

The collaboration comes on the heels of a recent MTI study titled, Does the Transit Industry Understand the Risks of Cybersecurity and are the Risks Being Appropriately Prioritized? which revealed persistent cybersecurity gaps in transit agencies in general, but particularly in small and rural transit agencies across the country noting that many of these agencies are challenged by outdated technology, and limited resources—making them particularly susceptible to cyberattacks.

Cybrbase’s pilot with IDOT aims not only to bolster local defenses but also to serve as a model, showcasing how state-level transportation agencies, insurance risk pools, and transit agencies can work collaboratively with their local transit agencies to create a more resilient transportation ecosystem.

(Pic: Cybrbase)