Cyber-crime is a major and fast-increasing threat to businesses, including transportation companies, which costs the global economy approximately $445 billion a year and reaching $108 billion annually in the U.S., according to a new report compiled by insurance firm Allianz Global Corporate & Specialty (AGCS).
Fleet Owner reports:
“As recently as 15 years ago, cyber-attacks were fairly rudimentary and typically the work of hacktivists, but with increasing interconnectivity, globalization and the commercialization of cyber-crime, there has been an explosion in both frequency and severity of cyber-attacks,” said Chris Fischer Hirs, AGCS’s CEO, in a statement.
The transportation industry, especially trucking, is directly in the crosshairs, as many carriers continue rely on a “patchwork” of different information technology (IT) systems to conduct business electronically, Matt Foroughi, VP of information security for the Descartes Systems Group, tells Fleet Owner.
“In particular, they may have many different legacy systems spread across a wide geography. Patching and staying up to date is essential. They should also be sure to use secure communication protocols when communicating with third parties.”
The value of data and the need to offer greater protection for it is also going to drive the cost of cyber-specific insurance policies higher, noted AGCS in its report. Premiums for cyber insurance are projected to grow globally from $2 billion per annum today to over $20 billion over the next decade; a compound annual growth rate of over 20%.
“Previously, attention has largely been focused on the threat of corporate data breaches and privacy concerns,” noted Paul Schiavone, regional head of financial lines in North America for AGCS. “But the new generation of cyber risk is more complex [as] future threats will come from intellectual property theft, cyber extortion and the impact of business interruption following a cyber-attack or from operational or technical failure; a risk which is often underestimated.”
Schiavone believes within the next five to 10 years, “business interruption” will be seen as a key risk and a major element of the cyber insurance landscape, not only affecting IT computer systems, but also extending to industrial control systems (ICS) used by energy companies or robots used in manufacturing.
Increasing inter-connectivity of everyday devices and growing reliance on real-time data – dubbed the “Internet of Things” – will create further vulnerabilities, he added.
“Some estimates suggest that a trillion devices could be connected by 2020, while it is also forecast that as many as 50 billion machines could be exchanging data daily,” he noted. “ICS are another area of concern as a number of these still in use today were designed before cyber security became a priority issue. An attack against an ICS could result in physical damage such as fire or explosion, as well as business interruption.”
Where trucking is concerned, Descartes’s Foroughi offers some IT security tips for trucking companies:
- Always run supported software, operating systems and hardware and apply patches in a timely manner with a tool that can automate the process and provide compliance reporting;
- Train your staff in security concepts;
- Run a centrally-managed antivirus program that updates signatures frequently and protect all Operating systems;
- Collect and correlate your log sources for global awareness is essential;
- Have frequent backups and disaster recovery plans;
- Scan your environment for vulnerabilities frequently, and remediate the findings.