ISAAC’s IT Director Shares Tips on How Fleets Can Protect Themselves
COVID-19 has altered nearly every aspect of our professional and personal lives over the past two years. The pandemic has also provided hackers and cybercriminals new ways to exploit unprepared companies, many of whom are still scrambling to update their security plans.
“It’s a matter of when—not if—you have a security incident,” says Joe Russo, head of IT and security for ISAAC. Russo was featured in a recent cybersecurity article published by Transport Topics
Not only are the number of data breaches increasing, according to IBM Security, but the average cost reached $4.2 million in 2021, with $1.07 million attributed to COVID-related remote work. “Over the last year, technology sophistication, the proliferation of hacking techniques, and heightened hacking motivation due in part to COVID-19 and the enablement of the remote workforce have resulted in organizations having to review their security posture,” says Russo.
What all fleets should know
For many companies, security plans that were developed before the pandemic plans are too generic for the evolving nature of today’s cyberthreats. It’s important those companies understand what assets are at risk, and the amount of data flowing between trucks and the back office. Hackers are looking for information such as credit card information and credentials to access internal systems—anything that could get a foot in the door.
The increased use of personal laptops for remote work during the pandemic has left many companies vulnerable to hacking attempts. The proliferation of IoT devices in trucks and the rollout of 5G technology are additional factors making the transportation sector particularly enticing to cybercriminals. In fact, an estimated 70% of online fraud is attempted through mobile platforms.
However, hackers are still finding success utilizing old-school methods such as phishing emails and social engineering, such as impersonating someone who needs access to critical information over the telephone.
“The reality is that the odds always favor a determined hacker, who only has to be successful one time, as opposed to companies that need to be successful in defending against threats all of the time,” says Russo.
How fleets can protect themselves
Following industry best practices and seeking out service providers that can help develop partnerships are two of the most straightforward methods even the smallest fleets can use to ramp up their security efforts.
Here are some questions fleets should ask themselves:
Are we scanning our systems on a regular basis?
Are we installing security patches as soon as they become available?
Do we have a complete inventory of assets?
Do we know where data is stored?
Cybersecurity at ISAAC
Russo stresses technology alone will not increase a company’s security posture; users need to be part of the comprehensive solution.
Those words are put into practice at ISAAC, where there is mandatory, interactive cybersecurity training for every ISAAC team member on an annual basis. There is also targeted training, based on their role with the organization.
ISAAC takes great care in protecting fleet clients’ data, which Russo considers every company’s “most prized asset.”
By manufacturing the hardware device and the software that runs on it, ISAAC provides a higher level of protection than that of other devices on the market. Encryption and other security measures are also in place to mitigate the possibility of a driver falling victim to ransomware or a phishing attempt.
ISAAC has partnered with key vendors to further enhance security through automation, and is working toward complete ISO 27001 compliance, which is an international standard on how to manage information security. ISO 27001 details requirements for establishing, implementing and continually improving an information security management system.
At ISAAC, we always know where the data is and how much value it has for your organization.
