Transportation security is built around motion. Riders, freight, fleets, auctions, logistics platforms, public transit systems, and supply chains all depend on technology that has to stay available while risk keeps changing. The CISOs in this group work in environments shaped by operational technology, cloud migration, compliance, logistics modernization, public infrastructure, high-availability systems, and the protection of data, platforms, and critical services.
Rafi Khan – CISO, NJ TRANSIT
Rafi Khan leads cybersecurity at NJ TRANSIT, America’s third-largest transit agency, where a quarter billion riders depend each year on systems that support safe and reliable mobility. His role spans operational technology, IT infrastructure, federal regulatory compliance, and a nearly $5 billion operating environment. Under his leadership, NJ TRANSIT became the first transit agency in the United States to achieve both ISO 27001 and ISO 22301 certification, now in its fifth consecutive year, while maintaining continuous TSA Security Directive compliance since 2021. Khan also co-developed APTA’s Operational Technology Cybersecurity Maturity Framework, a standard for maturing OT cybersecurity in public transit, and NJ TRANSIT was named a 2024 CSO 50 Award winner for security initiatives demonstrating business value. His path into cybersecurity began in nuclear medicine, a field built on precision, data privacy awareness, and human impact, before he moved into technology leadership roles that included VP, CIO, and CISO at Edible Arrangements and Edible Brands.
Guy Dulberger – CISO, RB Global Inc.
Guy Dulberger serves as CISO at RB Global, where he leads cybersecurity, network security, and information security strategy for the world’s largest industrial auctioneer and marketplace. His role centers on protecting the company’s data, technology, and brand integrity while supporting a business that has moved deeper into digital operations and online auctions. Dulberger has more than 15 years of cybersecurity experience and has held leadership roles at organizations such as Maru/Matchbox, The Carlyle Group, Diversified Global Asset Management, Morneau Shepell, and IBM. His earlier career included work in healthcare projects, large call centers, security projects at IBM, and high-availability systems in the investment sector. At RB Global, he became the company’s first cybersecurity executive and was tasked with building a cybersecurity function as the business transformed into a more technology-driven marketplace. He is also certified as an Ethical Hacker and Hacking Forensics Investigator through EC-Council University.
John Pall – CTO & CISO, Benore Logistic Systems, Inc.
Transportation and logistics modernization give John Pall’s CTO and CISO role at Benore Logistic Systems a dual mandate: protect the business while reshaping the technology that runs it. He has led cloud migration, Office 365 transition, disaster recovery and contingency planning, incident response frameworks, AI-driven threat intelligence, and enterprise cybersecurity strategy aligned with ISO, TISAX, and GDPR. Pall has also integrated AI and ML tools into Benore’s supply chain, ERP, and manufacturing environments, supporting automotive OEM customer needs while improving operational efficiency. His work includes warehouse modernization through Warehouse Management Systems such as Blue Yonder, Oracle, and ASP, along with Salesforce and HubSpot transition work that improved revenue visibility. Earlier at FedEx and YRCW, he led major IoT, RFID, enterprise software, fleet technology, and merger integration initiatives. His profile sits at the point where cybersecurity, logistics operations, cloud systems, warehouse technology, and supply chain automation meet.
John Kiczek – CISO, CapMetro
John Kiczek serves as VP, Chief Information Security Officer at CapMetro, following a career that includes CIO, database administration, development, and information technology leadership. His background includes performance tuning, requirements analysis, VMware ESX, Oracle Database, and multiple development languages. That technical foundation gives his CISO role a broad systems perspective inside a public transit organization. Kiczek’s profile is more concise than others in this group, but the available career path points to a security leader with hands-on experience in infrastructure, applications, databases, and IT services before taking on cybersecurity leadership at CapMetro.
Pete Statia – CISO, Saia Inc.
The CISO role at Saia Inc. follows Pete Statia’s earlier work inside the company as Director of Information Security and Compliance. He became CISO in May 2026 after nearly five years leading information security and compliance work for the organization. Statia’s background emphasizes technology leadership, business-aligned solutions, policies and procedures, executive leadership, operational problem-solving, and the use of data analytics and strategy to influence security decisions. He is also a founding member of GeorgiaCISO, a peer leadership network for chief information security officers. At Saia, his progression reflects a common transportation security pattern: cybersecurity leadership grows from the need to align technical controls, compliance, operations, and customer-focused business priorities.
Transportation Security Has to Keep Moving
The common thread in transportation cybersecurity is continuity. Public transit agencies, logistics providers, freight operators, industrial marketplaces, and mobility systems cannot treat security as a pause button. These CISOs show different sides of that work, from OT security and federal compliance to cloud migration, incident response, AI-enabled logistics, high-availability platforms, and security governance. In transportation, cybersecurity is not only about protecting systems. It is about keeping people, goods, services, and business operations moving with trust intact.
John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.