The cybersecurity landscape is rapidly evolving due to artificial intelligence (AI), reshaping not only digital threats but also the security of our most critical physical infrastructure—like trains. After an in-depth conversation with Miki Shifman, Co-Founder and CTO of Cylus, it’s clearer to me than ever that cybersecurity must extend beyond traditional digital borders to address increasingly sophisticated threats against transportation systems.
Shifman, a seasoned cybersecurity expert and Israeli intelligence veteran (Unit 81), co-founded Cylus in 2017 specifically to address a glaring and underappreciated vulnerability: railways. Historically, rail safety focused exclusively on mechanical redundancy and human oversight. But today’s trains—high-speed, increasingly autonomous, and entirely dependent on digital systems—are exposed to unprecedented cyber risks. As Shifman succinctly explained, “The boundaries have been broken.”
Recent incidents underscore the severity. London’s railway network suffered a debilitating shutdown last September due to security-related disruptions, vividly demonstrating the economic and societal chaos cyberattacks on trains can cause. Imagine New York City’s subway network entirely halted: the repercussions would ripple far beyond transport, disrupting economic activity, healthcare access, and public safety.
According to Shifman, train cyber threats fall primarily into two categories: availability threats, where hackers halt train operations, and safety threats—potentially catastrophic scenarios involving collisions or derailments. Traditional railway systems weren’t built with cybersecurity in mind; encryption was minimal or nonexistent, and authentication processes were often rudimentary to maintain operational convenience. “Historically, cybersecurity wasn’t even considered in railway safety processes,” Shifman emphasized. This means vulnerabilities today aren’t just widespread; they’re fundamentally embedded.
The accelerating adoption of AI dramatically amplifies these threats. Shifman points out that, historically, sophisticated rail attacks required highly specialized knowledge, limiting the pool of potential attackers to nation-states or deeply skilled cybercriminals. But AI has dramatically lowered barriers to entry. Tools like ChatGPT enable less-experienced hackers—so-called “script kiddies”—to quickly gain expert-level insights into specialized rail protocols, dramatically expanding the threat landscape.
This lowered barrier to entry, Shifman believes, increases the urgency for stronger defenses. Regulatory bodies worldwide have begun responding, notably in the EU and the U.S., where railways are classified as critical infrastructure, compelling railway operators to significantly enhance their cybersecurity postures by 2025. Yet, operational realities require railways to integrate cybersecurity solutions in a way that ensures they do not interfere with safety, prioritizing a careful and non-intrusive approach.
However, AI isn’t solely empowering attackers; it’s also transforming defense capabilities. Cylus leverages AI to dramatically improve threat detection, operational efficiency, and real-time cybersecurity monitoring across train networks and stations. According to Shifman, AI allows Cylus to process vast amounts of data from multiple sources seamlessly, offering unprecedented insight into threats and reducing false positives—critical for avoiding unnecessary operational disruptions. “AI dramatically boosts productivity across the board, from rapid prototyping to advanced anomaly detection,” he explained.
Shifman also emphasized AI’s potential in streamlining notoriously complex regulatory compliance. The rail industry has always relied on extensive documentation and rigorous safety protocols. AI can automate substantial portions of these processes, significantly improving both security and efficiency. “AI helps turn compliance from a burden into an asset,” Shifman noted.
Reflecting on our conversation, my perspective is clear: we stand at the intersection of tremendous risk and enormous opportunity. Railway cybersecurity remains behind other critical infrastructure sectors—but the acceleration provided by AI offers a unique moment to leapfrog traditional hurdles. Organizations embracing AI-driven cybersecurity approaches can rapidly achieve protection that was unimaginable just a few years ago. Those slow to adapt may find themselves dangerously vulnerable in an environment where attackers increasingly leverage the very tools defenders now rely upon.
As our conversation concluded, I asked Shifman if he fully understands how AI will ultimately reshape his industry. “We’re still evolving our understanding,” he admitted candidly. “But ignoring AI simply isn’t an option. This technology changes the landscape weekly.” In my view, that mindset—alert, adaptable, and proactive—is exactly what the railway industry, and indeed all critical infrastructure sectors, urgently need today.
Michael Matias is the CEO and Co-Founder of Clarity, an AI-powered cybersecurity startup backed by venture capital firms including Bessemer Venture Partners and Walden Catalyst. Clarity develops advanced AI technologies protecting organizations from sophisticated phishing attacks and AI-generated social engineering threats, including deepfakes. Before founding Clarity, Matias studied Computer Science with a specialization in AI at Stanford University and led cybersecurity teams in Unit 8200 of the Israel Defense Forces. Forbes Israel recognized him early on, naming him to the exclusive 18Under18 list in 2013 and the Forbes 30Under30 list thereafter. Matias authored the book Age is Only an Int and hosts the podcast 20MinuteLeaders.
