By November 2021, 37% of rail organizations were recruiting for cybersecurity talent, an increase from the year before, according to GlobalData. This increasing demand for talent may be indicative of greater focus on cybersecurity, following a year marked by digital attacks such as those targeting New York’s Metropolitan Transportation AuthorityCSX, and global railroads

The U.S. Department of Homeland Security designates the Transportation System Sector as one of 16 critical infrastructure sectors whose disruption would have a debilitating effect on our nation’s security. In light of these disruptive attacks, the U.S. Transportation Security Administration released official regulations for rail and rail transit groups designed to bolster cybersecurity risk management.

Shift5 and RailwayAge are gathering several industry luminaries to dig into these regulations and how rail executives can navigate them. Please join us for our upcoming webinar here.

TSA Regulations and Rail Cybersecurity in 2022

In December 2021, the U.S. Transportation Security Administration deployed a Security Directive that shined a spotlight on rail cybersecurity following a series of global cyberattacks that occurred at the New York Metropolitan Transportation Authority, Class I CSX and short-line operator OmniTRAX, as well as several rail companies around the globe. The TSA regulations took effect December 31, and rail operators across the U.S. are facing looming deadlines. But achieving compliance across the four required TSA mandates isn’t a quick fix, and the regulations spark additional questions: Why is the federal government rapidly getting involved in rail cybersecurity? What kind of cyberattacks are now targeting rail systems and rolling stock, and what’s next? Are rail cybersecurity measures in place sufficient to fend off sophisticated attacks? Are existing rail technology platforms such as PTC and onboard/wayside fault detection and health monitoring capable of supporting cybersecurity measures?

Join Railway Age Editor in Chief William C. Vantuono as he moderates an in-depth discussion with transportation technology and regulatory expert Scott Belcher, CEO of SFB Consulting, LLC; rail cybersecurity expert Josh Lospinoso, CEO and co-founder of Shift5; New Jersey Transit Chief Information Security Officer Rafi Khan; and long-time rail executive and investor Gil Lamphere, Chairman of MidRail LLC. They will dissect TSA’s federally mandated Security Directive, take you through the cybersecurity risks targeting the rail industry, and provide best practices for managing cybersecurity threats in 2022 and beyond.

DATE: Thursday, January 27

TIME: 2:00 – 3:00pm ET

Webinar Penlists

William Vantuono
Editor in Chief, RailwayAge Magazine

Rafi Khan
CISO, New Jersey Transit

Josh Lospinoso
CEO and co-founder, Shift5

Scott Belcher,
CEO of SFB Consulting, LLC

Gil Lamphere
Chairman of MidRail LLC

We look forward to seeing you there. Register for the webinar here, and follow Shift5 on Twitter and LinkedIn for more. 

About Shift5
Shift5 is the OT cybersecurity company that protects the world’s transportation infrastructure and weapons systems from cyberattacks. Created by founding members of the U.S. Army Cyber Command who pioneered modern weapons system cyber assessments, Shift5 defends military platforms and commercial transportation systems against malicious actors and operational failures. Customers rely on Shift5 to detect threats and maintain the resilience of a wide variety of operational technology systems, including aviation, rail and metro, defense, helicopters, and other heavy fleet machinery. For more information, visit