One of the greatest threats to our industry is the vulnerability to cybersecurity impacts on our businesses. In 2021, there is no established roadmap in our industry, where an equipment rental company can evaluate where it stands in relation to cybersecurity and identify leading practice it can aspire to.
The purpose of this guide is to define the enterprise-wide scope of cybersecurity intervention, identify the core elements of a successful strategy, including the special factors that may impact rental companies and to outline leading practices being adopted today by leaders in our industry.
This guide has been prepared by research with acknowledged leader companies in the equipment rental sector into practices in operation today to prevent and address cybersecurity vulnerabilities.
Whilst much information exists globally on cybersecurity standards, technology and frameworks, research with rental companies suggests there is limited specific direction for our sector. This guide aims to offer insights and a “Roadmap” for good security and focused on our particular sector.
The Guide illustrates the investments in, and costs of, getting cybersecurity right. It presents a scale of investment and “maturity” indicating initial investment to get basics in place, and the four ‘Capability Elements’ – Process, People, Technology and Infrastructure – provide a comprehensive scope for developing a business-wide strategy across three levels of maturity – Base Level, Maturing and Leader.
A checklist linking the essential risk and vulnerability assessment with current levels of maturity provides an aid to planning and risk reduction, and there is a model ‘First 48 hours’ response plan for immediate crisis management following a major cyberattack.
The race for good IT security will never end, but to stay ahead, leaders stress that equipment rental companies must:
- Know their assets, strengths and vulnerabilities
- Carry out risk assessment
- Plan and invest appropriately
- Prepare, in case the worst happens
- Refresh and continuously improve
The ‘ERA guide to cybersecurity leading practice’ aims to help equipment rental companies of all types and sizes plan for, develop, or continuously improve their cybersecurity.
The guide has been compiled with the invaluable support and contributions of ERA member companies, led by Loxam, mateco, renta, HSS Hire, Riwal, Boels, Kiloutou and CGT Edilizia.