Cybrbase piloting cybersecurity assessment with midsize, rural Illinois transit agencies

    June 6, 2025
    The pilot addresses the issue of cybersecurity among local agencies, often challenged by limited budgets and staff.
    Related To:

    Cybrbase is working with the Illinois Department of Transportation (IDOT) to pilot a group-based cybersecurity vulnerability assessment across six small and midsize rural Illinois transit agencies, including Decatur Public Transit System, Piatt County Public Transportation, QC Metrolink, Reagan Mass Transit and Warren County Public Transportation.

    The pilot aims to address the issue of cybersecurity among local agencies, often challenged by limited budgets and staff. It is designed to identify and mitigate security risks that could compromise public safety, transportation systems and municipal operations at a lower cost than traditional cybersecurity audits.

    Cybrbase says IDOT took proactive steps to support an initial cohort of its transit agency partners, noting that this approach is unique in its balance of privacy and collaboration. Each agency completes its assessment independently and confidentially, while still leveraging the non-competitive nature of public transit to engage in shared best practices, group discussions and peer learning across the cohort.

    The project aims to simplify cybersecurity assessments by leveraging Cybrbase’s NIST-CRR-based platform powered by artificial intelligence, helping to make it easier for agencies to uncover critical vulnerabilities and develop risk mitigation strategies based on their risk tolerance and resources.

    “We are thrilled to be working with Illinois DOT on this pilot,” said Scott Belcher, senior advisor, Cybrbase, and research associate at the Mineta Transportation Institute (MTI). “As a transportation leader, Illinois DOT is closely watched by other agencies around the nation who may not be aware that cybersecurity vulnerabilities exist among their transit agencies. This initiative is intended to close that gap.”

    The collaboration comes on the heels of a recent MTI study, Does the Transit Industry Understand the Risks of Cybersecurity and are the Risks Being Appropriately Prioritized? The study revealed persistent cybersecurity gaps in transit agencies in general, but particularly in small and rural transit agencies across the country. The study showed that many of these agencies are challenged by outdated technology and limited resources, making them particularly susceptible to cyberattacks.

    Cybrbase says its pilot with IDOT aims not only to bolster local defenses but also to serve as a model, showcasing how state-level transportation agencies, insurance risk pools and transit agencies can work collaboratively with their local transit agencies to create a more resilient transportation ecosystem.