Cybersecurity Experts Advise Zero-Trust Protocols for Trucking Fleets

Cybersecurity experts advise trucking fleets to adopt zero-trust protocols when integrating third-party technologies.
By MDL.

Executive Summary

  • Experts advise a “never trust, always verify” stance for third-party trucking technologies.
  • Fleets are urged to request Software and Hardware Bills of Materials (SBOMs/HBOMs) from vendors.
  • Product incident response differs from enterprise IT due to critical safety risks involving vehicles on the road.
  • Integrated teams and XDR capabilities are essential for monitoring vehicle data and closing security gaps.

Amadou Kane, senior solution architect of automotive cybersecurity at VicOne, has advised trucking carriers to adopt a strict “zero-trust” policy regarding third-party technologies, emphasizing the need to verify all hardware and software integrated into fleet operations. Speaking at a recent National Motor Freight Traffic Association (NMFTA) Cybersecurity Conference, Kane highlighted that vendors supplying Electronic Logging Devices (ELDs) and telematics create widened attack surfaces that require rigorous oversight.

Kane argued that while carriers typically manage their own enterprise security, they bear the responsibility for securing third-party solutions entering their environment. He recommended that companies request a Software Bill of Materials (SBOM), vulnerability reports, and a Hardware Bill of Materials (HBOM) from suppliers. “If you can have access to the binaries of those firmware and do the scans yourself, that is the most ideal situation,” Kane stated.

To effectively detect threats, Kane suggested that fleets establish a team dedicated to monitoring data from CAN bus traffic, telematics, and connected applications. He emphasized the importance of a Security Operations Center (SOC) capable of Extended Detection and Response (XDR) to perform cross-data correlation. Kane noted, “If you cannot cross-correlate them, then it’s almost useless… You need that context.”

The expert also distinguished between enterprise incident response and product incident response, noting the latter involves safety-critical risks. “On the enterprise side, delays are acceptable, but on the product side, people’s lives are at risk,” Kane explained, pointing out that carriers cannot simply shut down or rebuild vehicles on the road during a cyber incident.

Ben Wilkens, cybersecurity principal engineer at NMFTA, supported the call for a holistic approach, stating that IT, operational technology, and product teams must converge to close security gaps. Kane further warned that criminal discussions regarding “fleet-scale attacks” are increasing on the dark web, particularly as electric and autonomous vehicles gain market share.

Operational Security Outlook

The guidance provided by industry experts underscores a critical shift in the logistics sector’s approach to cybersecurity, moving from reactive IT maintenance to proactive operational defense. As the transportation industry integrates more sophisticated connectivity, the distinction between digital security and physical safety continues to blur. The emphasis on dynamic incident response plans and deep-level verification of third-party components suggests that future regulatory frameworks and insurance requirements may increasingly mandate these “secure by design” principles to mitigate the economic and safety risks associated with potential fleet-wide cyber intrusions.
