Technology advances are transforming the way all industries conduct business, including the transportation and trucking sector. The Internet of Things (IoT), for example, is integrating transportation and warehouse management solutions, connecting in-vehicle sensors and other integrated devices over the network. Embedded sensors in transport vehicles, containers, etc. continuously capture, share, and act on real-time data to improve the quality of customer service, enforce laws and regulations and reduce liability cost. These and other digital innovations, while providing many benefits for transportation companies, also widen the path to cyber security threats. In fact, the transportation and trucking sector is increasingly vulnerable to cyber threats as a result of “the growing reliance on cyber-based control, navigation, tracking, positioning and communications systems, as well as the ease with which malicious actors can exploit cyber systems serving transportation,” according to an analysis conducted by IBM.
Cyber criminals hack trucking companies for several reasons, including to steal cargo; gain access to customers through system connections; gain identity information credit cards and Personal Identifiable Information (PII), which can then be sold; prevent use of company website or information systems; obtain a company’s intellectual property; gain control of critical data to encrypt the information and ransom it; and to create fear and chaos by disrupting critical infrastructure; among others.
With so much as stake – including the cost to pinpoint vulnerabilities once a breach occurs, notification expenses if data has been compromised, third-party liability, extortion, business interruption, reputational damage, etc. – transportation companies need to create and maintain a cyber security plan. Following are several measures companies should implement:
- Train all applicable employees on the use of best practices when it comes to security protocol. Training should be conducted frequently, particularly when new technology is adopted. Employees should be trained on such issues as how to generate strong passwords, how to recognize phishing email scams, and how to properly encrypt emails that contain secure information.
- Run a comprehensive malware and antivirus program for both software and operating systems, and apply patches in a timely manner with a tool that can automate the process and provide compliance reporting.
- Update security patches and limit password attempts. It’s critical for a trucking company to be proactive when it comes to keeping its system codes updated.
- Create frequent backups and a “hacked” disaster recovery plan. Make sure a cloud-based backup is maintained, with a comprehensive plan in the event that there is a hack.
- Review the company’s IT environment for vulnerabilities and update systems accordingly. It’s important to stay one step ahead of hackers, and keep abreast of changes from password timeouts to new malware protection advances.
In addition to having strong cyber security protocols, a Cyber Liability insurance program should be in place to respond in the event of a breach or other cyber crime. RPS specializes in insuring the transportation industry and provides end-to-end coverage solutions, including cyber protection.