From August 16-20, we were elated to serve as a gold sponsor for the 2021 CyberTruck Challenge. Two of our dedicated cybersecurity professionals, Todd Herrell and Robert Garcia, attended the challenge, which took place in Warren, Michigan.
They led students and aspiring cybersecurity professionals throughout the week, offering insights and guiding them as they attempted to — safely — hack systems. Safe hacking presents opportunities to learn about digital safety hands-on and identify discrepancies in systems for better protection. Robert is a security analyst who has been at Omnitracs for seven years and has 15 years of information technology (IT) experience. Todd works on our security architecture and engineering side and comes with 20 years of IT experience.
We sat down with them to learn about their exciting experience, backgrounds, and cybersecurity insights. Keep reading for their takeaways!
Hi! Can you share a recap of the event?
Robert: Just to say it’s cool is an understatement! This was my second time going. We presented three of our different ELD products, which we tested with the attendees. I was responsible for setting up all the configurations so all the students and security researchers could attack safely without interrupting our production platforms. We had five students that worked full-time on our equipment, starting from the inside out. For some of the students at the event, this was their first time testing something and actually seeing results.
Todd: This event is very granular in the heavy truck space, and it was my first time going to an event like this. We had all the components within a truck in a box and all the telematics devices all in one place so that the groups could look for vulnerabilities and weaknesses. This was an excellent opportunity to look at the software itself, firmware, and hardware pieces. I assisted Robert with the setup and with the students. We walked through and helped them facilitate their hacking experience.
What sparked your interest in cybersecurity?
Robert: It’s the only thing I’ve ever really wanted to do! This is what I joined the navy to learn. I feel like I made it where I was going. Having made it here, it’s also one of those jobs where you instantly see the value of what you do. There isn’t another job like it. Most of what I do for the greater good is pretty much immediate, and you can see it. Going to this event and having the opportunity to teach people something new in the world of security is incredible. I love it!
Todd: I’ve been in IT for a long time and worked in healthcare and finance previously. When working in healthcare, I was talking to some folks at a children’s hospital, and they had been breached. I couldn’t imagine someone doing that. I have a vigilante perspective; I felt like I needed to be involved in this, as this type of hacking goes against every ethical belief I have. There weren’t enough people working to stop where things were going, so I pivoted into security 12 years ago. I wanted to protect and defend, and I knew they would need people who understood hardware. It’s an industry that needs people. That’s why these events are exciting because you see people who want to make a difference. They want to ethically hack and block the holes people take and exploit. I see a lot of them in me.
What’s the most insightful thing you learned from the event?
Robert: I came two years ago. I saw some of the same folks coming right back here — some students who have been hired in the industry. Year after year, you see those young people who now have a full-time career working in cybersecurity. You can very quickly build a good network of awesome people.
The CyberTruck Challenge event organizers also handled the COVID-19 pandemic well! They gave out wristbands, masks, and individually boxed lunches. Plus, people were spaced out. It’s probably as good as something like that gets.
Todd: It was my first time meeting the industry rockstars for security in transportation. It was wonderful to interact and engage with them and network and strengthen our collaboration with many intelligent people. We all have the same issues, problems, and challenges, but we are all trying to make it better. We also got to interact with future professionals coming into the ranks. It’s a gamut of different people. It’s essential that we stay present in the environment, are part of the narrative, and collaborate.
Another positive thing to take from this is we worked alongside agencies and competitors. We were willing to put aside our differences from a business perspective to make the industry better. That’s so important. We help train the future of cybersecurity professionals coming through our industry. We all come to the table to make things better and put aside our competitive angles to make it better for everyone. To see people really excited about safeguarding transportation and genuinely caring about it — it’s inspiring. It’s a really cool collective of people.
This event focuses on cybersecurity in heavy-duty trucks. Why should those responsible for these trucks prioritize cybersecurity?
Todd: If you’ve read the news, all businesses should be aware cybersecurity is a business-impacting risk. It’s critical infrastructure to the United States. Transportation is making the headlines more and more. Transportation is connected to the ransomware spreading to all the industries and the operational tech breaches we’re seeing. There are in-cab devices, cloud-hosting systems, and software running through this country’s supply chain. It’s an intricate dynamic of systems connected to an ecosystem.
This year’s event was undoubtedly a success! Stay tuned for our upcoming coverage on National Cybersecurity Awareness Month, heading your way this October! In the meantime, read Sharon’s insights from last year.