Is your organization ready for a cyberattack?
Not just your IT department. Your whole organization.
Finance. Sales. HR. Fleet management. Drivers. Even your customers.
When a cyberattack hits, it doesn’t just affect the IT department. But in most companies, it’s only the IT people who give much thought to such scenarios.
At NMFTA, we want our members and the entire trucking industry to be as prepared as possible for cyberattacks.
These are known as tabletop exercises, and they simulate cyberattacks on a company.
Antwan Banks, who recently joined NMFTA as director of enterprise security, has run tabletop exercises throughout much of his career – both in the military and more recently with the Metropolitan Atlanta Rapid Transit Authority (MARTA).
“We infected the whole organization with ransomware and we quickly determined that we didn’t have enough cyberinsurance,” Banks said. “We also didn’t have the pre-contracts in place that, if we got hit, we could kick those contracts into place and get equipment moving and get a response team in place. You have to bring in a professional team to find out how they got in.”
To be clear, MARTA wasn’t hit with ransomware for real. But the simulations are very realistic, and they’re designed to put stress on every part of the organization to find out what people would do in response.
Among the issues considered during the exercise:
Banks says one discovery of the exercise was that the organization had “shadow IT systems” – platforms brought in by employees that the IT department didn’t even know about.
Dr. Jeremy Daily, an associate professor at Colorado State University and the leader of the annual CyberTruck Challenge, says it’s important to make the tabletop exercises wide-ranging because of the evolving nature of the threat.
“You’re limited only by the attacker’s imagination,” Daily says. “They might send deepfakes that appear to be from the CEO, or ChatGPT-generated phishing emails. This stuff is really compelling because artificial intelligence (AI) can learn. The weaponization of artificial intelligence creates a very challenging environment to defend against, because you’re always reacting and they’re always one step ahead.”
Banks says organizations often learn through the tabletop exercises that even when they thought they were protected, they really weren’t.
“Some companies have cyberinsurance, so they think, ‘If we get hit, we’re covered,’” Banks says. “But the cyberinsurance may only be $5 million, and you might have a $20 million catastrophe.”
Another issue that often comes up in the tabletop exercises is how to deal with the public in the event the attack affects them, as would have been the case with MARTA. While a trucking company has a different kind of customer base, a cyberattack could impact people all across the country trying to ship or receive packages. It could also affect customers in the event a cyberattacker leaked their information.
“You want to make sure your brand is not harmed, and that people who do business with you don’t lose confidence in you,” Banks says.
The desired outcomes from a tabletop exercise should include:
“You need to have a playbook in the event something happens,” Banks says. “And it needs to be both electronic and paper because if your system gets shut down, you can only read the paper version. So make sure the paper version is updated with the most current version of the playbook.”
We here at NMFTA are constantly working with members to ensure that defenses against cyberattacks are effective. But we also believe it is critical to be prepared.
If you would like to inquire about help in staging a cyberattack tabletop exercise, please contact Antwan Banks at antwan.banks@nmfta.org for more information.
Antwan Banks is an accomplished cybersecurity professional with extensive experience in various high-profile roles. He currently serves as the director of enterprise security for the NMFTA, where he plays a pivotal role in educating the trucking and supply chain industry about the myriad of intricate security risks associated with enterprise networks. Prior to NMFTA, Antwan served as the director of cybersecurity at the Metropolitan Atlanta Rapid Transit Authority (MARTA), where he managed cybersecurity operations and built the Information Security Office to safeguard various systems and networks. Antwan's expertise also extends to his military service as a United States Army Lieutenant Colonel, where he oversaw IT and computer security projects in Germany and the Middle East and served as a military advisor to the Saudi Arabian military Chief Information Officer.