Increased threats, insufficient planning
A large, public mass transit agency oversees commuter rail operations for 6 counties across the state. The agency manages day-to-day operations, fare and service levels, finance, capital improvements, passenger safety, and system planning for a large and busy ridership.
Public transit is a key part of local government critical infrastructure—ensuring safe, reliable commutes for local citizens. With such an important function, transit agencies must stay ahead of cyber threats and remain protected.
This agency knew that, due to their position and size, they were an attractive target for attacks, and they were becoming increasingly vulnerable to cyber threats. Specifically, they needed assistance in:
- Processes and governance
- Visibility into assets and issues
- Accountability across departments
- Tools and technology to monitor cyber traffic
- Visibility and transparency into the assets connecting their networks
As such, the agency embarked on an initiative to improve monitoring capabilities, strengthen their cyber posture, and become better prepared. As they were aware that CAI was already working for the major metropolitan city in which the agency operates, they requested the assistance of a CAI cybersecurity team.
The CAI team provided assessment, advisory, and remediation services to improve the agency’s cyber posture. The agency partnered with CAI to:
- Assist in the development of missing governance policies
- Assess the technical ecosystem and identify vulnerabilities
- Formulate a roadmap and remediation plan
- Identify gaps and a prioritization methodology
- Advise on strategies, initiatives, and optimization such as tool selection and implementation
- Retest and measure remediation efforts to ensure they met intended benefits
The CAI team leveraged partners specializing in penetration testing as well as incident response to support this client. Both were subcontractors under CAI.
Alignment, flexibility, and improved security posture
This agency’s partnership with CAI allowed it to identify and assess its most critical cybersecurity demands. The team helped the agency identify vulnerabilities, define a long-term strategy, assess, and align security initiatives with the strategy.
They also helped execute a remediation plan to improve its security posture. CAI provided full-time access to security expertise and remediation guidance, with the flexibility to deliver services fully onsite, fully remote, or in a hybrid format.
With the help of CAI, the agency:
- Developed their first Incident Response Plan
- Established their vulnerability management process
- Established an asset management and tracking process
This client’s Incident Response Plan was reviewed by the Transportation Security Administration (TSA) and praised for its completeness and attention to detail.
With new processes and documentation in place, the agency is better able to protect itself from increasingly prominent cyber threats.
To learn more about creating an incident response plan and strengthening your organization’s cyber posture, check out Five proven ways to facilitate cybersecurity best practices.