by Sean Killcarr, in Trucks at Work

cyberCyber security is a big worry in the world of business and that’s especially true of the trucking industry, which is relying more and more on all sorts of digital pathways these days, for transmitting everything from freight data to the real-time fuel economy performance metrics of its vehicles.

Indeed, some specialists are even recommending that businesses purchase “cybercrime” insurance, as you can read here, because of the potential loss risks associated with cyber-attacks – and that loss risk is also becoming more acute in trucking as well.

Yet a new study compiled by the Ponemon Institute and asset management company Avecto finds that many businesses may have more gaps in their information technology (IT) than they think – particularly when it comes to defending against infiltration via viral downloads and other such “insider” attacks.

The Cyber Strategies for Endpoint Defense 2014 report put together by the two firms is based on responses from 559 IT managers and IT security practitioners in the U.S. and found that 55 % of them have either zero or low visibility of employee behavior, application access and software downloads as they struggle to secure the “endpoint” or central data “heart” of their business enterprises.

On top of low visibility, the study also revealed the excessive power users are given over IT infrastructures, with some 31% of staff reportedly having administrator privileges – opening companies up to insider threats and serious damage from malware and targeted attacks, noted Paul Kenyon, co-founder and executive VP at Avecto.

Users are also calling the shots when it comes to security, the report noted, with 42% of respondents revealing that the number of staff with admin privileges has increased from last year due to growing demand from employees and 50% giving administrative rights because they are unable to control application use.

computurAlmost a quarter of respondents cannot determine the number of IT users with administrator privileges, despite 34% of total security time being spent on managing user profiles. The study’s results also depict IT departments without adequate power and control over their users, with over 80% admitting they find it difficult to secure the endpoint and just 5% claiming to be prepared to deal with targeted cyber-attacks.

“The lack of visibility that IT security professionals have in terms of user behavior and admin rights, combined with more sophisticated attack vectors, is making securing and managing the endpoint a growing challenge,” noted Kenyon. “As a result, this is opening up a huge variety of internal and external vulnerabilities.”

The wide-ranging study looked at a number of endpoint security threats and revealed that preventing APTs or “advanced persistent threats” is of the greatest concern, yet 52% of organizations do not have the correct technology in place to prevent targeted cyber-attacks. And though 92% of organizations in polled by Ponemon and Avecto said that up-to-date antivirus software is in use today, only 34% rate it as very effective in preventing cyber intrusions.

"While preventing targeted attacks is considered a high priority, only 5% of respondents said their organization is fully prepared to deal with them,” noted Larry Ponemon, founder of the Ponemon Institute, in the report. “Organizations must deploy a layered approach to endpoint security or they will risk opening their systems up to vulnerability from multiple threat sources. The new age of cyber-attacks requires modern defenses and companies must act quickly."

Just another reminder that trucking companies need to keep looking for ways to make their electronic connections more secure as they will only continue to rely on them to conduct more business in the months and years ahead.

To read more blog posts from Sean Kilcarr's award-winning blog, "Trucks at Work", click here.