top of page
Search

Cybersecurity in logistics

  • Writer: Danielle Spinelli
    Danielle Spinelli
  • Apr 19
  • 3 min read
Fraud Girl fights cyber crime

The Real Connection Between Cybersecurity and Cargo Crime. Cybersecurity in Logistics. Let’s be honest, most of us in logistics didn’t sign up to become cybersecurity experts. But here we are. The freight world is changing fast, and unfortunately, so are the threats. Whether it’s phishing emails, spoofed calls to drivers, or full-blown ransomware attacks, cybersecurity has officially moved from the back office to the front lines of our industry. I recently had the chance to sit down with Ben Wilkens from NMFTA Cybersecurity(National Motor Freight Traffic Association) to talk about the overlap between cybersecurity and cargo crime. Ben’s got a unique background, he started in trucking (everything from driver to dispatch) and eventually moved into IT and cybersecurity. So, he knows what it’s like on the ground and how to talk about this stuff without sounding like an IT textbook. 

The Cyber-Freight Connection: More Real Than You Think. NMFTA has been deep in the cybersecurity space for over a decade, but what they’re doing lately is especially relevant. Their new Cargo Crime Reduction Framework is all about connecting the dots between typical IT security practices and real-life freight theft and fraud. The short version: If you implement basic cybersecurity controls, you’re also reducing your risk for fraud and cargo theft. Ben pointed out something that really stuck with me: a lot of what we think of as “fraud” or “cargo theft” starts with social engineering. Someone convincing a person inside your org to bypass a process, give up a login, or click a sketchy link. Once that happens, they’re in.

If you do nothing else, Please For The Love of GOD Do THIS..

1. Onboarding and Offboarding Employees Are Security Moves

Most people build out onboarding pretty well. But offboarding is where things fall apart. Think about every tool your people use link of email, load boards, tracking software, TMS, even Google Drive. Now ask yourself: Do you have a checklist that gets updated when someone leaves? If you don’t, you’re leaving the door wide open.

2. MFA Isn’t Optional

Multi-factor authentication (MFA) is still one of the easiest, most effective tools to prevent unauthorized access. Ben says whether you're using SSO or not, just turn MFA on wherever you can. It’s not a silver bullet, but it’s a very real speed bump for attackers.

a.      Review Processes When Things Change - Organizational change—like hiring, mergers, tech upgrades, or even just changing vendors—should always trigger a review of your security processes. Don’t “set it and forget it.”

4. Vet Your Vendors

Ben made a great point: when you buy software, you’re also buying that vendor’s security (or lack of it). Ask questions like:


  • Who has access to my data?

  • Where is it stored?

  • What’s your process for internal access control?

  • Do you require MFA for your own employees?

  • When was your last audit or penetration test?


Even if you're a small customer and can’t make demands, you can still walk away if something doesn’t feel right.

So How Do You Check Your Security?

Here’s a basic self-audit checklist from Ben:


  • Make sure you have a full list of your tech stack and data assets.

  • Check your FMCSA/Safer profile regularly?

  • Monitor for credit changes or identity theft?

  • Do you use MFA everywhere you can?

  • When you have an employee leave your company, did you ensure offboarding processes actually removed access?

  • Keep regular tabs on your trash folder and see if there is any unusual


If the answer to any of those is “not really,” that’s where to start.

What’s Next from NMFTA?

NMFTA continues to publish free cybersecurity resources, including their Cargo Crime Reduction Framework, updated fleet guidebooks, and monthly webinars. And don’t miss their annual fall conference, happening October 26–28 in Austin, TX. Word is there might be a post-conference visit to Joe Rogan’s comedy club, just saying. You can access all their content here: www.nmfta.org/cybersecurity - Plus right after you can fly out to Broker-Carrier Summit ;)

Fraud Girl's Final Thoughts: This conversation reminded me how important it is to build a culture around cybersecurity, not just policies no one will pay attention to. People are your best defense when they’re trained, empowered, and even rewarded for catching threats before they become disasters. You don’t have to lock everything down like Fort Knox, but a little planning goes a long way. If you’ve made it this far, thanks for sticking with me. If you ever want to talk security, fraud trends, or how to vet a sketchy carrier, you know where to find me.

Be sure to follow the Tell Me Everything Podcast now part of the Fr8 Talk Network! This episode you can find here!

Danielle Spinelli

 
 
 

Comments

bottom of page