Cybersecurity Priorities in the Pandemic Age
Ransomware and other cybersecurity threats show no sign of slowing down. In 2021, there was an 82% rise in ransomware-related data leaks, according to a CrowdStrike intelligence report.
Trucking companies already face plenty of challenges, such as driver retention and fuel costs. A ransomware attack that locks crucial systems behind encryption is a challenge that’s best avoided. Prevention is always the best cure for cyberattacks.
Part of the rise in ransomware can be attributed to disruptions created by the pandemic. Working from home and hybrid work models have become the de facto approach. IT teams quickly rose to the challenge of enabling remote work, and they must continue to adapt to secure systems.
The FBI reported a total of $6.9 billion in losses due to cybercrime in 2021—a 7% rise year-over-year. Fleets must understand the growing threat of cyberattacks and act now to prevent ransomware and other types of intrusions.
Ransomware declared a national security issue
In 2021, ransomware attacks that exploited flaws in widely used software from vendors such as Kaseya, SolarWinds, and Microsoft affected many companies and saw record-breaking ransomware payments made to state-sponsored cybercriminal groups. This includes a $70 million ransom demand from the “REvil” gang that created a Ransomware-as-a-Service (RaaS) ring.
Attacks on U.S. infrastructure and government agencies prompted the White House to treat ransomware as a matter of national security. The U.S. government decided to establish new mechanisms to address the threat. Plans include new funding to support ransomware response, a mandate for organizations to report incidents, and to consider the alternatives before paying a ransom.
A recent survey by UpCity revealed that 50% of small and midsize businesses have a cybersecurity plan. Fleets without an updated plan must act now to improve short-term and long-term cybersecurity.
How can trucking companies protect against ransomware?
A strong defense against cyberattacks requires a fleet-wide commitment to digital security. Some measures can be adopted quickly, while others require long-term planning and a greater investment in cybersecurity resources.
Deploy quick stopgap measures right now
Start with stopgap measures and quick wins that can be implemented immediately to improve security. Examples of easy-to-deploy security measures include:
- Revise existing cyber risk guidelines and requirements.
- Set up two-factor authentication and strong password policies.
- Establish a security culture with regular training.
- Control how employees access data and use the company network.
- Govern how employees communicate over the company network.
Develop a comprehensive long-term cyber strategy
Start to review your current technology stack and security infrastructure as soon as possible. Some changes may take years to implement, while other improvements will be accomplished in a shorter timeframe.
Common improvements include investments in automation, advanced analytics, and other systems that improve the effectiveness of security processes. There should also be mechanisms developed that help measure how changes in your security program reduce risks after each initiative is rolled out.
These are some key questions that your long-term cybersecurity strategy should answer:
- Does the security team have the expertise needed to tackle all technical challenges?
- Is there a full understanding of vulnerabilities within core, critical business functions?
- Have we invested enough to ensure that our cybersecurity provides sufficient protection?
Create an in-depth ransomware incident response plan
A ransomware incident response plan provides clear guidance on how to proceed if an attack occurs. This plan should begin by quantifying your ransomware risk, including potential attack vectors and key systems that should be prioritized. Many organizations already run tabletop exercises for business continuity planning (BCP). Adding ransomware plans to your BCP framework is a natural extension of preparing for all potential business disruptions.
Reduce your exposure to ransomware
People are the last line of defense against ransomware. Improve awareness of phishing by training people to recognize attacks and how to avoid them. Strengthen front-line defenses by deploying AI tools that help to flag attacks automatically. Evaluate a zero-trust approach for your security framework and review your use of remote desktop protocol (RDP), secure shell protocol (SSH), and virtual private networks (VPN). Don’t forget to implement multi-factor authentication.
Reduce work-from-home risks
If your remote workforce uses their own personal computers and devices to access your company’s applications and data, securing those endpoints must be a top priority. Devices that haven’t been fully secured provide a location that’s easier to attack. Embrace technologies that help reduce the attack surface of unmanaged devices, such as:
- Mobile Device Management (MDM)
- Mobile application management (MAM)
- Network access control (NAC)
- Browser isolation solutions
Step up cyber training and exercises
Regularly review, recalibrate, and readjust cyber awareness programs to measure, track, and improve the cyber risk culture of your organisation. This includes timely communication and briefings about new threats, security policies, and systems implemented to reduce risk.
Include security in vendor contracts
Security must be built into vendor contracts to reduce the risks of partnerships that involve shared data and systems. Fleets should be specific about expected security obligations, procedures, and how security regulations will be enforced. Contracts can also extend to any third parties that your vendor works with, even if you don’t have direct interactions with the third party.
Cybersecurity must be a business-wide concern
ISAAC recently completed an 18-month process to become fully certified for ISO 27001 standards—one of the most stringent security standards available for organizations. This shows our commitment to cybersecurity for our clients, partners, and ourselves. We know that keeping ourselves safe improves security for everyone we collaborate with, including fleets.
Learn how the ISAAC solution helps to simplify trucking while maintaining a secure digital ecosystem.
About the author
Joe Russo, Vice President IT & security
Joe Russo, VP IT & Security at ISAAC, is an IT Executive with over 20 years’ experience leading IT teams in multinational environments and various sectors: banking, pharma, transportation and technology services. He has held senior leadership roles in Switzerland at Morgan Stanley and the Bank for International Settlements, and then in Montreal at McKesson Canada, Syntax and CN Rail. His experience in aligning IT strategy with corporate strategy makes him a strong transformational leader who excels at overcoming technical, cross-cultural and organizational challenges to solve business challenges. Joe holds a MSc in Information Technology & Management from Sheffield University, completed the Mini-MBA program at McGill University and holds the CISSP certification.