Cyber Security/Response Plan Preparedness in Trucking

Authored by Lindsay Timcke; Director, IT & Cyber

10-20 years ago, the biggest threats to your trucking business were fuel costs, the weather and staffing. Then, seemingly overnight, the internet came into the picture and soon dominated the conversations surrounding Incident Response (IR), Disaster Recovery (DR) and Business Continuity Plan (BCP). Over the last decade, natural disasters, the weather and other possible risks to your business have taken a back seat to cyber attacks. The conversation now centers on how well prepared your organization is and how effectively your team can respond.

Imagine that a cyber attack hits your organization on the Friday before a long weekend in the summer. Initially, employees report slowness on your network and a few drivers have radioed in that they are having trouble with their navigation systems. Less than an hour after the first report of system slowness, the malware has run its course and successfully encrypted all of your major systems, such as dispatching, fuel management, accounting, and safety.

It is at this moment that your IR, DR, and BCP plans should help you navigate the issues that arise. Here are a few questions you should ask to see if your plans are solid.

  • Immediately check in with the drivers to confirm their safety and get a location.
    • If normal means of communication are impacted, do we have valid personal phone numbers?
  • Who is in charge? Is one person running IR, DR, and BCP? Are they three separate people or is it a third party?
  • Do we need to contact the legal authorities?
  • Where is the fleet, and what are the ETAs at their respective locations?
    • Do we need to contact any facilities to let them know that we are running late? Do we have relevant and accurate numbers and contacts?
  • Understand our backup and recovery posture for all major systems. Do we know which systems have been backed up, to what point in time, and whether they have been infected?
  • Contact has now been made demanding a ransom. Do we pay? Has anyone contacted legal? Do we have insurance for this? Do we contact the press?
  • Where do we stand with regulations? Do we have any reporting requirements?

A well-designed plan should address the areas deemed to be the highest risk to the organization. Conducting a comprehensive risk assessment before completing any IR or BCP plans is essential, as it creates a road map for their design.

Lastly, once a plan has been designed, the risk assessment is completed, and the RTOs (Recovery Time Objectives) and RPOs (Recovery Point Objectives) for each critical system have been defined, the next step is to run real-life scenarios in the form of tabletop exercises. The organization should complete at least two of these exercises per year.

A tabletop exercise is a scenario run with any combination of staff, management, “C” level executives and board members in attendance. The scenarios are designed to be realistic and to dive into areas of the organization where there may be gaps in procedures. The following are some questions that may help close gaps in a tabletop exercise.

  • What secondary methods for contacting drivers exist if dispatch is down?
  • Is the driver contact list written down and up to date?
  • Do people who will need to contact the drivers know where the list is?

How can CLA help?

CLA’s cybersecurity and data privacy team has years of experience developing policy, performing vendor review assessments, application review, responding to cyber incidents and helping prevent them. Please contact us to help in assessing and mitigating your risk for a cyber attack.

  • 813-384-2735

Kadian currently works with the Information Security Services Group as well as the higher education group, providing compliance services, outsourcing and co-sourcing engagements and information security assessments.