[Stay on top of transportation news: Get TTNews in your inbox.]
Humans are the greatest asset and vulnerability for logistics companies in today’s cybersecurity landscape. While skilled employees provide invaluable adaptability and creativity, human error can inadvertently expose organizations to crippling risks. This double-edged sword is evident in Hexnode research into 1,000 IT professionals across the supply chain sector.
The findings paint a concerning picture: 41% of employees rate themselves as only moderately skilled with their company’s security tools, while 30% encounter challenges receiving adequate IT assistance when issues arise. This lack of training and support, coupled with weak endpoints that aren’t sufficiently patched and protected, creates vulnerabilities that malicious actors are eager to exploit.
However, this predicament presents an opportunity. By recognizing the human element as a risk and powerful asset, logistics companies can transform their workforce into a formidable “human firewall” — a resilient frontline defense that can proactively report and respond to threats as they happen. Let’s explore how.
The People Problem
Pavithran
Human error poses a security risk on a global scale, even surpassing the threat of hacking. However, this risk is particularly severe in the transport and logistics sector, in which 49% of organizations reported in 2023 a link between human error and a cybersecurity breach within the past two years, according to Kaspersky research.
Whether succumbing to phishing scams, clicking on malicious links or unwittingly divulging sensitive information, employees can become weak links in the cybersecurity chain. Therefore, fostering a culture that engages employees in cybersecurity is key.
Stronger Endpoints, Stronger Defenses
Companies also must ensure their workforces are only paired with strong and updated devices.
Alarmingly, 40% of respondents in the Hexnode survey share that their organizations aren’t regularly updating or patching their systems. Further, 35% of employees observe that their organizations only adhere to basic password policies for convenience, with about 6% lacking a password policy altogether.
The issue starts to come into further focus when noting that 33% of organizations also lack strict endpoint compliance policies. With an array of endpoints permeating the supply chain — including handheld bar code scanners, RFID readers and GPS-enabled tablets — organizations must support their employees and develop robust strategies to address noncompliant devices. These devices are crucial for logistics, enabling real-time data collection, inventory management and shipment tracking. However, their mobility and connectivity also make them vulnerable to cyberthreats. Unsecured endpoints can lead to data breaches, malware infections and operational disruptions, potentially resulting in costly delays, a damaged reputation and significant financial losses.
These findings should raise red flags, as neglecting fundamental security measures can have far-reaching consequences. If employees aren’t up to speed with IT, and devices aren’t properly protected, logistics companies can become another cybersecurity statistic.
Companies Can and Must Act Now
But there’s a silver lining. With the right strategies, companies can transform their workforces from a vulnerability into added protection.
First, companies should invest in training programs tailored to the unique challenges of the supply chain. These programs equip employees with knowledge and skills to identify and respond to threats while fostering an understanding of best practices and their critical role in safeguarding data.
Jeff Loftus of FMCSA joins TT’s Seth Clevenger to discuss the current outlook on ADAS technology and how it will affect the industry at large. Tune in above or by going to RoadSigns.ttnews.com.
Moreover, organizations must at every level cultivate a culture of cybersecurity awareness that encourages communication, promotes vigilance and ensures that cybersecurity is a shared responsibility among all employees.
Complementing these efforts, companies should leverage technology to aid in managing and monitoring endpoint devices. While patching updates and enforcing strong passwords may seem fundamental, these elements regularly cause issues for organizations. To address this, implementing unified endpoint management platforms can help ensure configurations stay updated, noncompliant devices are isolated and compromised endpoints undergo swift remediation.
In short, logistics companies can no longer afford to ignore the cyber literacy of their workforces. Instead, they must recognize the potential of their people to serve as a proactive, resilient front line that can identify, report and mitigate threats before they escalate.
Recognized in the IT management community as a consultant, speaker and thought leader, Apu Pavithran, CEO and founder of Hexnode, is an advocate for IT governance and information security management.
Want more news? Listen to today’s daily briefing below or go here for more info: