From runways to railways | The new frontiers of transportation cybersecurity

The Data Chronicles

2025/10/27

Overview Shownote Highlights Transcript Chapters Pins

In this episode, host Scott Loughlin sits down with Adam Smith, Southwest Airlines’ Regulatory Lead for Cybersecurity, to dive into the high-stakes world of transportation cybersecurity. The conversation navigates the complex intersection of technology, policy, and public safety, highlighting how cyber threats in aviation extend far beyond data breaches—they can directly endanger lives.

The podcast explores the urgent challenges of securing critical transportation infrastructure in an era of escalating cyber threats. With no single authority overseeing transportation cybersecurity, agencies like DHS and DOT operate in overlapping domains, creating confusion during incidents. Reporting requirements are scattered and ambiguous, making compliance difficult without proactive planning and cross-functional coordination. Clear communication across airlines, regulators, and vendors is essential, especially when distinguishing real cyberattacks from technical failures. The discussion emphasizes the growing role of legal expertise in interpreting regulations and guiding incident response, while advocating for global standards through bodies like RTCA. Ultimately, building resilience requires collaboration, education, and integrated strategies that unite technical, legal, and operational teams across the sector.

04:04

Cyber issues in transportation can be life-and-death matters.

10:56

There is no single authority for transportation cybersecurity, leading to regulatory gaps filled by non-specialized entities.

21:42

Organizations must stress-test their incident response plans on smaller issues to be prepared for major crises

25:39

Regulators can be both service providers and auditors, complicating supply-chain oversight.

36:38

Lawyers are essential in helping technical teams use legal levers for cybersecurity compliance.