There are many, ever-changing challenges in the transport sector. With this reality in mind, last 30 October Madrid hosted a workshop entitled “Cybersecurity in Logistics and Transport”. Promoted by the Organización Empresarial de la Logística y el Transporte (Logistics and Transport Business Organisation) (UNO), companies and players from the industry met to address the issue in depth.
One of the main focuses was the European Cybersecurity Directive, analysing its requirements and the measures set forth by the law to protect and manage incidents of this type throughout the logistics chain. Cyber Crime in the Transport Sector was the other star topic of the meeting, handled from a more practical point of view, with real examples.
Debates and success stories
The event was inaugurated by the secretary general of UNO, Francisco Armada. Next, the head of the Cybersecurity Service and OCC of the CNPIC, Alberto Francoso Figueredo shed light on the Spanish situation with the aforementioned European cybersecurity directive. Following, a speech was given by the director of Commercial Cybersecurity at Minsait, Carlos Fernández Martínez, where he mentioned protective and management measures against possible cyber incidents in logistics.
Halfway through the morning, guests attended a debate table addressing cybersecurity challenges for companies in the logistics sector. This panel had speakers such as the head of Information Security for Correos (Spanish post), Jesús García, the vice-president of Ceva Logistics, Pedro Luis de las Heras, and more.
The programme continued with a talk by Alberto Redondo Sánchez, captain of the Technological Crime Group with the Civil Guard and a presentation of a success story in cybersecurity with a big retail client, given by José María Blanco, director of Strategic Intelligence for Prosegur Ciberseguridad. A debate with Mahou and Bonduelle on how companies are tackling cybersecurity in the supply chain ended the conference before a round of conclusions.
Cybercrime, a pressing challenge for the logistics sector
Cybercrime is a plague catching many companies by surprise. The massive cyber-attack in May 2017 with the Wannacry virus jeopardised the world economy, affecting both small companies and large corporations. This threw many sectors into turmoil, such as the logistics sector. They began working for more ironclad security.
But, what kind of attacks are we talking about? Cyber criminals’ favourites would fall under social engineering, manipulating the behaviour of legitimate users to obtain confidential information. Thus, through the employees of a company and tactics such as phishing, they can create huge security breaches.
Transport and logistics companies are not especially vulnerable to this kind of attack. In fact, it is estimated that they are better-prepared than the average. However, given the data that they handle, they form part of critical infrastructures, according to the Centro Nacional para la Protección de Infraestructuras Críticas (National Centre for the Protection of Critical Infrastructures) (CNPIC), so they are a more appetising target for cyber criminals and cyber terrorists.
Training, essential in the fight against cyber crime
One part in the fight against cybercrime is IT. There are practises that reduce risk, such as updating equipment with the latest manufacturer security patches, having adequate protection tools, such as antiviruses and anti-malware and firewalls, or making periodical security backup copies of information, especially sensitive information.
However, the most fundamental step to attain a secure business setting lies in educating staff. Recognising fraudulent strategies leads people to avoid downloading malware to company servers. Workers must be taught to: not open attachments to emails that look suspicious, to be cautious when following links that come through emails, instant messages and social media, even if they come from known contacts, and, in short, to be able to distinguish trusted sources from those that are.
