Don’t need Cyber Insurance? Think again!

More businesses than ever before are being attacked, hacked or having sensitive data lost or stolen. Whilst the transport and logistics sector doesn’t typically hold vast quantities of data, your exposure to cyber crime is still a very real threat, no matter what size or type of operation you run.

Your drivers and customers are some of your biggest assets; however, their data is one of your biggest vulnerabilities! Haulage and transport firms collect information that is classed as personal data.

This includes;-

  • Driving licences
  • Telephone numbers
  • Driver qualification records
  • National Insurance Number
  • Customer details
  • Records of employee performance
  • Certain employee medical records
  • Tachograph readings
  • Bank account details

With the introduction of ‘smart tachographs’ in 2019, businesses are accessing and storing even more valuable information than before, including higher levels of personal data.

Cybercriminals take advantage of our digital world, such as intercepting payments to suppliers and third parties. One ploy is to cleverly impersonate third parties or even your employees. Seemingly legitimate emails can be hackers trying to redirect funds.

Funds Transfer Fraud

This was the case with one unfortunate haulage firm, who became the victim of a scam starting from email correspondence between them and its accountants. Using a method called ‘email spoofing’, in this instance cyber criminals created an authentic looking email which convinced their financial director that a change of details was necessary for payment of taxes. The whole episode left them out of pocket by £128,299.

As with so many cyber-related events, this loss stemmed from human error and it’s very difficult for any business to eliminate this risk entirely. Thankfully, though, the haulage firm was able to recoup the funds under the cyber crime section of its cyber insurance policy.

Legal obligations

Any organisation that holds personal data, has a legal obligation to keep it secure and out of the hands of cybercriminals. You need to ensure all staff are aware of their responsibilities and understand what constitutes a breach of data.

GDPR regulations require all organisations to report certain types of personal data breach to the Information Commissioners Office (ICO) within 72 hours of becoming aware of the breach. Failure to do so is punishable by a fine (a maximum 4% of turnover). The ICO can also discipline organisations in other ways, such as enforcement actions and audits – so it is essential to have a plan in place ready to respond.

Almost all businesses are exposed to potential cyber risks, which is why cyber insurance is such a crucial tool.

Reasons to hold Cyber Insurance:

Your I.T. system is the lifeblood of your operation; route planning, payroll, employee records, customer orders, vehicle maintenance records, tachograph history and managing invoicing. Should it be compromised the consequences could be catastrophic!

Cyber Incidents are not picked up by traditional ‘Combined Insurance’ policies, leaving you exposed to pay the full costs from incidents. These costs range from rebuilding your I.T. system and data or being forced into paying a ransom to regain control.

It is very important to note that information held by you could be vital in the event you need to provide evidence at a public enquiry, so protecting this data is paramount.

Cyber Insurance protects you during and post cyber incident. Protection that can include; –

  • Costs recovered for damage to data or systems
  • Security breaches compensation – for funds paid to fraudulent sources
  • Legal and regulatory defence costs
  • Access to specialist computer forensic support

Cyber insurers’ claims teams deal with data breaches on a regular basis and have the experience to help guide effective decision making and fast action.

They will support their policy holders through the response process, make relevant legal and technical experts available as required. They will also cover the expense of fixing the breach and notifying anyone whose data has been lost, thereby complying with breach notification laws and covering the associated costs.

Further information

In addition, the Government’s Cyber Essentials scheme provides useful advice around good cyber practices.  

The Cyber Security Information Sharing Partnership (CiSP) helps alert businesses to the latest threats and confidentially share information relating to attacks.

Useful links

RHA Insurance Services can help

It only takes minutes to put in place a policy providing you with a range of appropriate cover options.




Subscribe to our newsletter to stay up-to-date:


As members of the Road Haulage Association, you are aware that the transportation industry is complex and demanding. A critical aspect of ensuring smooth operations and protecting your businesses liabilities, is understanding the importance of how you use the correct Conditions of Carriage. In this article, we delve into the significance of Conditions of Carriage and how it can safeguard your road haulage activities.
With business costs including fuel prices at an all-time high, it’s important to try and reduce overheads where you can, but without cutting corners or taking unnecessary risks. One way you can do this is by ensuring you are receiving the most competitive premium available through early engagement in your renewal process.
More businesses than ever before are being attacked, hacked or having sensitive data lost or stolen. Whilst the transport and logistics sector doesn’t typically hold vast quantities of data, your exposure to cyber crime is still a very real threat, no matter what size or type of operation you run.
If your business is to move property and goods from A to B, a Freight Liability policy is a critical part of your risk management and insurance protection strategy. At RHA Insurance Services, we are here to help and want to share our expertise with you, that is why we are providing an overview of the common covers, terms and exclusions found within these policies.