In the United States, the movement of goods via air, freight rail, trucking, and shipping is a billion-dollar industry where the trucking industry alone moves over 11billion tonnes of freight annually. Organization’s are more reliant on highly interconnected and complex transportation networks than ever for the movement of freight and the sector continues to grow and transform via innovation and technology. Unchecked,this increased interconnectivity invites increased cybersecurity risk. If this critical infrastructure sector is left vulnerable to cyberattacks, the nation could lose access to vital resources.
Along with the transportation of goods, vehicle fleets also include public transportation. These fleets need to ensure protection of operational data, financial and employment information, and in some cases, passenger data.
The Sunburst attack in December of 2020 exposed vast vulnerabilities within the transportation sector. From the San Francisco International Airport to the Department of Defense, over 18,000 US-based organizations had been breached, even more globally! Some had been compromised as far back as March of 2020.
By May 2021, following a compounding number of high profile ransomware attacks on US targets, President Biden issued an Executive Order to modernize Federal Government defenses and improve the security of technology. With the Biden administration expanding its role in improving the nation’s cybersecurity, new changes have been implemented to upgrade the transportation sector’s governance, risk, and compliance (GRC) regulations.
Overall, companies need to foster a risk-aware culture. Senior-level executives, operational technology (OT) employees, and information technology (IT) employees need to be cognizant of the risks, standards, and compliance requirements that come with each change.
Simply implementing a cybersecurity policy without a cohesive company-wide understanding of the implications would expose weak points for cybercriminals to take advantage of.
Security, like safety, requires checks similar to those that a driver carries out on a daily basis to ensure reliable delivery!
Cyber insurance companies also play a role in the cycle of ransomware attacks.
In the past when cyber insurance or affected companies have paid ransom amounts, the money is considered lost, however the FBI was able to track down 63.7 bitcoin of the 75-bitcoin ransom paid to hackers who had shut down Colonial Pipeline. Ransomware gangs are already switching to different payment tools and the scrutiny of insured companies' cybersecurity policies and programs are increasing.
Cybersecurity insurance is designed to protect businesses in the digital age and mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage. A business is responsible for its own cyber security, but in the event of a cyber attack having the right insurance will mean you aren’t alone. Any business that uses, sends or stores electronic data will benefit from cyber insurance. That data, whether it belongs to the business or is sensitive customer information, is vulnerable to cyber-attacks and data breaches; insurance can help with the cost of recovery.
For logistics and fleet operators, the impact of cyber incidents are different to other industries, so it's important to choose a provider with access to a panel of industry-specific vendors that provide tailored, fleet-specific services to get operations restored quickly.
Any cyber insurer is going to want to review a fleet’s business cyber policies and risks as part of the policy offering. Indeed, following on from the attack on Colonial Pipeline and the general increase in ransomware attacks, insurance companies are increasing the level of assessment required into a company’s cybersecurity programs and practices. This added layer of scrutiny could make premiums available at a variable rate depending on the risk associated with insuring each company. An assessment that helps you understand your strengths, weaknesses and address your gaps can help you save money on your cyber insurance premium.
As Fleets and transport networks invest in integrated risk management software and IT infrastructure to meet compliance requirements, a key component is being able to benchmark and regularly audit how risks have changed.
ShieldsUp are experts at handling incidents and can oversee incident response and remediation that compliments other protective cyber risk mitigations. Customers typically start by filling in a Cyber Readiness Assessment that takes 15 minutes to complete and provides a benchmark for your organization to assess how prepared you currently are for an attack. The service provides preferential rates and treatment with trusted cyber incident response and fleet vendors.
Our team of fleet cyber experts are here for you in the event of an attack. We'll work with your business continuity team and your existing partners to remediate an incident.
In the event that you need support - you will have access to our extensive network of approved vendors to ensure you return to business as usual as quickly as possible.
ShieldsUp Cyber Readiness AssessmentDeep-dive Onboarding Call with a Cyber ExpertBespoke Cyber Business Continuity Plan
24/7 HotlineIncident response manager Fleet-specific Incident Response Playbooks
Fleet-specific Vehicle, Hardware, & Software remediation servicesCyber forensics and remediation servicesLegal support