Many truckers might think all the hand-wringing over cybersecurity these days isn’t something they need to worry about. Hey, the thinking might go: I need to find and keep good drivers, ensure my equipment remains up and running, all while obtaining decent freight rates. Cybersecurity? That’s something Verizon, Apple, Google, and the rest of the big technology firms need to deal with.
That is until you realize just about everything in trucking – the trucks, trailers, tires, even the freight itself – is all rapidly being “plugged in” to the Internet via all sorts of sensors designed to collect, transmit, and even accept a wide variety of data.
“Cybersecurity is now a big concern across the entire organization; not just the IT [information technology] department,” warned Kurt Roemer, chief security strategist for Citrix, during a panel session here at the three-day 2017 in.sight user conference and exposition in Nashville, TN.
On top of that, “complexity is the enemy of security,” Roemer noted, which in terms of the systems required to manage our globe-spanning supply chains these days is all too true.
He pointed to a study Citrix compiled back in February with the Ponemon Institute that found many of the systems and people companies are putting in place to handle cyber threats are simply inadequate to the task.
Examples of major cybersecurity issues along those lines include:
- Poor security deployments: 70% said their organization had made investments in IT security technology that was not successfully deployed.
- Unapproved and rogue app deployments: 65% of respondents said their organization is not able to reduce the inherent risk of unapproved applications increasing risk, including from shadow IT.
- Unmanaged data at risk: 64% say their organization has no way to effectively reduce the inherent risk of “unmanaged data,” such as information downloaded onto USB drives, shared with third parties, or files with no expiration date.
- The talent pool is small: Only 40% said their organization is successfully hiring knowledgeable and experienced security practitioners.
On top of all that, Roemer emphasized that “the Internet is a bad neighborhood” and that trucking, like or not, is in the middle of it.
"There are IoT [Internet of Things] sensors now in trucks, trailers, even the freight itself,” he said. “Everything is now being connected to the Internet and thus is at risk."
Ron Godine, vice president of IT and cloud for TMW Systems, pointed to the infamous hacking attack against global ocean shipping giant Maersk back in June is an example of the kind of business fallout truckers might experience from a cybersecurity incident.
“Think about how ransomware took out Maersk; they could not serve their freight customers,” he said. “This is an example of the risks posed by cyberattacks.”
The heck of it is that cybersecurity today is all about risk and how you manage it because, in the words of Chris Sandberg, vice president of IT for PeopleNet, “nothing can be completely secure.”
He added that cyberattacks affect all modes of freight transportation now, not just trucks, and thus he suggested that cybersecurity “be viewed as a survival situation; act as if someone is always trying to take you out.”
A grim prescription, for sure, but perhaps one trucking needs to take to heart as the digital transformation occurring within global supply chains is only going to continue speeding up.