The transportation industry has become a priority target for cybercriminals. In fact, it’s currently the second-most sought-after industry at 13% of all cyber-attacks.1

From social engineering to ransomware to a hacker remotely taking control of a WiFi-enabled vehicle, fleet carriers both large and small are vulnerable targets. Smaller carriers are likely to be pursued because of their lack of internal controls, while larger carriers can produce a bigger payday for hackers.

Consider the following best practices for safeguarding your vehicles and internal operations from cyber criminals:

  1. Training: Front-end prevention. Front-end prevention. Educating your staff on social engineering will help prevent fraudulent invoices from being paid, and/or goods from being delivered to the wrong location. Teach your employees to read into any changes in payment preference for regular customers and how to recognize a phishing email.
  2. Write an incident response plan. Don’t wait until you get a call at midnight that your network is locked up or has been attacked to create a plan. Start by answering the following questions today: Which internal team member will take the lead post-cyber attack? Which state and local authorities must be notified? In which situations will you pay a requested ransom? Know who is a part of the response team, both internal and external to the organization, including a privacy attorney, cyber forensics team, PR response.
  3. Be a third-party watch dog. Talk to your third-party contractors – specifically those with whom you’re entrusting your customer and employee data – to find out what their front-end prevention looks like. As many as 53% of organizations have experienced one or more data breaches caused by a third party.2
  4. Conduct annual penetration testing. During a penetration test, a data breach/cyber hack is stimulated by an external company in search of your system vulnerabilities. Don’t reveal information about the penetration test to the internal team so the test can double as an assessment of your incident response plan as well.
  5. Stay up-to-date on software patches. Software patches can prevent breaches, but only when they’re up-to-date. Consider this a part of your IT department’s regular operations and maintenance.
  6. Engage cyber insurance. Today’s cyber insurance policies are much more robust than offerings just a few years ago. They may include coverage for social engineering, business interruption and should provide fleet carriers with an IT forensics expert and privacy attorney, both who specialize in data breaches and will be prepared to take your call immediately upon breach detection.

Contact your HUB cyber security expert for more information on safeguarding your fleet from a cyber attack or data breach.

1 https://newsroom.ibm.com/2019-05-21-IBM-Security-Cybersecurity-Threats-Growing-In-Travel-and-Transportation-Industries

2 https://www.cybergrx.com/ponemon-third-party-cyber-risk-management-report/