In early March, the National Motor Freight Traffic Association (NMFTA) held its annual Spring Meeting in Savannah, GA where we held several sessions focused on cybersecurity.
The first of these sessions was a packed panel conversation on cyber-enabled cargo theft. I was joined on stage by Jordan Strawn, senior vice president of logistics for Werner Enterprises, Steven Hankel, vice president of IT for Johanson Transportation Service, and Artie Crawford, director of cybersecurity for NMFTA. Together, we discussed the evolution of cargo theft over the last three to five years.
The conversation was eye-opening for many of our attendees, who came in with varying levels of familiarity with cybersecurity and cyber-enabled cargo crime trends.
One of the main takeaways was a clear call to action: engage your cybersecurity team any time a cargo theft occurs. Whether it involved credential theft and a load board compromise or a business email compromise that led to the theft, most of these incidents include a cyberattack component in addition to the physical theft of cargo.
Audience participation truly put this session over the top. The panelists had so many questions that we ended up extending the session to allow for additional discussion.
Also during the meeting, we rolled out our brand new NMFTA Threat Report Portal. This marked the first time anyone outside of the NMFTA team had seen the work we’ve done on this new project, and we were thrilled with the overwhelmingly positive feedback the portal received.
It is encouraging to see the progress this industry has made over the past two and half years that I’ve been at NMFTA. When I first stepped into the role of chief operating officer, many of the carriers, shippers, and brokers I spoke with were still hesitant to discuss cyberattacks openly—even among their peers—whether those incidents involved their infrastructure or cargo thefts.
However, the needle has moved significantly since then and the industry seems more eager to share information with each other in the spirit of “we’re stronger together.” The more we share threat intelligence with each other, the better all of us can prepare our own organizations to defend against future cyberattacks. The challenge in this process is how to share this information in an effective way.
When a cyberattack happens, the immediate focus is on containment and resolving the incident. But what we heard at our Cybersecurity Conference in Austin, TX, last October was that many organizations also want a way to quickly warn our peers so they can shore up their defenses before being targeted by the same threat actors.
The cybersecurity team here at NMFTA put our heads together and developed a tool designed for exactly this type of early-warning threat intelligence sharing: the NMFTA Threat Report Portal.
From the start of this project, our focus was on protecting the anonymity of reporting parties. With this in mind, we created a platform where anyone in the industry can submit information about an attack vector, the tools, techniques, and procedures (TTPs) used by an attacker, and the scale and scope of the incident. That information is then quickly and anonymously shared with all other registered carriers, shippers, and brokers on the platform.
We will be sharing more on this new project next month, but we are excited for the pre-beta debut and look forward to sharing this tool with the broader transportation industry soon.
If you would like more information on the NMFTA Threat Report Portal or would like to get involved, please contact the team.
