Rail transport faces escalating cyber and physical security challenges. This podcast highlights the increasing sophistication of cyberattacks, especially with the integration of AI, which can generate more convincing phishing attempts and rapidly assess vulnerabilities. China’s influence and potential threats are also a key concern, with the US implementing measures to restrict Chinese state-owned enterprises in the rail industry. European nations share similar worries, with concerns regarding fair bidding practises. Furthermore, the importance of physical security is underscored by sabotage and attacks on rail infrastructure. Despite awareness, a credibility gap exists between cybersecurity concerns expressed by experts and the investment made by organisations to mitigate these risks. The threats from both cyber and physical attacks are increasing, and the authorities must ensure the security of their infrastructures and suppliers.