The Road to Resilience: Defining Core Cybersecurity Objectives for Owner Operators and Small Fleets

Ben Wilkens - January 3, 2025

“I’m not big enough to be a target.”

This is an all-too-common response from small businesses and owner operators in the trucking industry when they’re asked, “How do you secure your operation from cyberthreats?”

Unfortunately, that is proving about as accurate as denying the fact that it’s raining and assuming we’ll stay dry. More and more companies, large and small alike, are breached every day, in every industry. Trucking is no exception.  Cybercriminals use indiscriminate tools to scan networks and devices, such as smartphones and operating systems, for vulnerabilities. Once a vulnerability is found, these bad actors exploit that weakness, gain entry to that system and its connected network and begin poking around until they find something that they can use to extort the system owner into paying them. Personally identifiable information such as driver’s license numbers and social security numbers, trade secrets, confidential financial records, customer data, or compromising photos or emails can force system owners to pay a ransom, either to regain access or keep it private.

This response is no longer sufficient, prompting the question: “What do we do next?” Sure, there are plenty of cybersecurity frameworks, hardening guidelines, best practices and the like available, they are often designed for organizations with dedicated cybersecurity teams, substantial budgets, and trained personnel to deploy all the hundreds of controls listed and then audit them all regularly. This approach does not reflect the realities of small trucking operations, let alone owner operators who are already working six days a week.

This is the gap that the National Motor Freight Traffic Association, Inc. (NMFTA)™ cybersecurity team has been working to fill. We are pleased to provide streamlined and practical cybersecurity guidance, written in plain English, and designed specifically for this critical segment of the trucking industry. Drawing on recommendations from leading cybersecurity frameworks and insights gained from direct, hands-on experience securing trucking fleets, we have developed a concise, yet comprehensive roadmap. This resource will help take your operation from where you are today, to where you need to be to become resilient in the face of the new reality of this digital landscape that we all find ourselves operating in.

Whether you manage your own systems and security, have an employee that manages them for you, or rely on a third-party service provider, this guidance applies to you. We start with core best practices and gradually build on them, layer by layer, to achieve advanced cyber-resilience. By following this approach, your systems will be prepared to stand up to these cybercriminals— the most sophisticated attackers—and you will be better equipped to minimize damage and maintain operational capabilities even in the event of a successful attack.

None of us would hit the road without knowing where we’re headed. The same principle applies to cybersecurity. Join us at 1:00 pm ET on January 9 as we explore the NMFTA Cybersecurity Best Practices Guidebook – Owner Operator and Small Fleet edition. This no-charge webinar will provide additional details and actionable guidance to help you secure your operation against cybersecurity threats. As with any journey, your path to a hardened cybersecurity posture starts with assessing where you are today. Regardless of your current state, there are steps you can take now to protect yourself and the operation that you have built from cyberthreats.

For more information about our free resources, whitepapers, and research, visit www.nmfta.org/cybersecurity.

To register for the January 9 webinar, visit www.nmfta.org/nmfta-event/roadmap-to-resilience-independent-operator-edition.

Ben Wilkens
Ben Wilkens

Ben Wilkens, CISSP, CISM, is a Cybersecurity Principal Engineer at the National Motor Freight Traffic Association, Inc. (NMFTA)™. He leads research initiatives and teams focused on developing advanced cybersecurity technologies, strategies, and methodologies to protect information systems and networks. Ben works closely with academic institutions, industry partners, and government agencies to advance cybersecurity practices and provides expert guidance to organizations navigating the ever-changing cyber threat landscape.

Before joining NMFTA, Ben was a key executive at a family-owned trucking and logistics company, where he integrated technology to enhance operations while maintaining robust cybersecurity standards. With CISSP and CISM certifications, an active Class A CDL, and hands-on experience as an over-the-road driver, dispatcher, and IT specialist, Ben brings a unique perspective to the intersection of cybersecurity and transportation.