Cybersecurity breaches are on the rise. Due to increased network interconnection, industrial systems are becoming more attractive targets for such attacks. Therefore, various industries must acquire knowledge and experience regarding cybersecurity for their IT and OT systems. One such sector is the safety-critical railway and public transport sector. Technological leaps like digital interlocking, fifth-generation networking, and the move from proprietary field busses to IP networking are driving the sector into an inter-connected age. This work scrutinizes the sector’s cybersecurity awareness, knowledge, and preparedness. To this end, we created a two-stage study comprising a quantitative online survey to gain comprehensive insight and qualitative interviews to deepen selected issues in a SWOT analysis. The results show that the sector still has a long way to go regarding cybersecurity, with the average company not meeting basic implementation levels. Furthermore, we identified multiple factors contributing to this result. Key issues are a lack of staff and management sensitivity to cybersecurity and support from authorities.