Ben Wilkens
In a recent article I wrote for TheTrucker.com, I talked about the importance of including drivers in cybersecurity awareness training. In that article, I also pointed out that the vehicles our drivers operate are essentially rolling networks.
The cab of a modern Class 8 truck contains, arguably, more tech than most small offices did 10 years ago. However, many fleets cannot produce an accurate list of what connected devices exist inside their trucks and trailers.
The modern truck often has an electronic logging device (ELD), an associated telematics gateway, original equipment manufacturer (OEM) telematics connections and infotainment systems.
Many — if not all of these — receive over-the-air updates.
This list doesn’t include any of the aftermarket add-on devices yet, such as dashcams, Wi-Fi hotspots and all the devices (both personal and company-owned) that connect through them.
Trailers have their own connected devices and communication channels as well. Consider tracking devices, connected reefer units and their associated environmental sensors, and Bluetooth or wireless tire pressure monitoring systems.
All too often, fleets cannot produce a detailed inventory of these devices per vehicle configuration.
Why is this important? We cannot protect what we don’t know about.
In the 2026 NMFTA Cybersecurity Transportation Industry Cybersecurity Trends Report, telematics manipulation, GPS spoofing and insecure aftermarket devices were all identified as factors that contribute to cyber-enabled cargo crime.
How is the vehicle itself a potential target?
The diagnostic port doesn’t natively distinguish between a manufacturer’s scan tool and an aftermarket device with sub-par security controls.
These aftermarket devices vary significantly in their security maturity.
Some of them are excellent and have been rigorously tested for vulnerabilities before being released to the market. Others, not so much. Some devices are built to meet a price-point that makes them likely not to include the cybersecurity protections required to safely deploy them in our fleets. Many devices and components are also manufactured in countries of origin that are not considered safe from a cybersecurity perspective.
It’s important to note that the truck doesn’t need a Hollywood-style hack to occur in order to be a threat vector. Blinding the tracking system on a truck or trailer or passively accessing data being transmitted by an insecure aftermarket device could pose a security risk.
Ultimately, the largest risks come from potential manipulation of the signals on the vehicle bus network itself, though this generally requires a higher level of access and sophistication than most attackers possess.
It is helpful to consider the potential risks as three possible attack paths.
The Data Path
Location, load details, customer information and routing data all flow to and from the truck constantly. Many cargo thefts occur through simple manipulation of the shipping details for a load, which could be possible if one of these communications channels were compromised.
The Control Path
This is anything that could change what the truck or trailer is told to do by onboard systems. A manipulated signal to a brake controller, a spoofed fault code or a simple signal overload of the entire system can derate a vehicle.
The Trust Path
The device on the diagnostics port, the tablet connected to the vehicle, the dashcam monitoring the vehicle’s movements — all of these devices’ connections are accepted by the vehicle. Weak security in any of these devices can create an attack path.
Our trucks are a clear example of why a converged approach to security that includes cybersecurity, operational security and cybersecurity is necessary. The paths above require all three of these security disciplines to be involved in the solution.
What can fleets do about the risk?
The answer here is not a 50-item checklist. A small number of actions can dramatically increase the security of any fleet.
Inventory what is connected.
Have maintenance personnel and security or IT personnel walk a truck together and document the connection points. Repeat this for each different configuration in the fleet. It may be surprising how many devices and systems are identified in this exercise.
Vet all aftermarket devices and vendors from a security perspective.
Anything that plugs into a diagnostic port, or pairs with the vehicle is a part of your attack surface. Ask the vendor about their security practices, their update process and how they handle vulnerabilities. If they don’t have answers, then your answer should be clear.
Bring your drivers into the conversation.
The driver will notice when something is acting strangely long before security or even maintenance. Give them a clear and simple reporting path and treat reports seriously; they may be an early warning sign.
Make sure your incident response plan (IRP) recognizes the truck as a potential attack surface.
An incident does not always begin at an enterprise firewall or with a phishing email. It could start with tampering via a diagnostic port, errors in a telematics system, or odd vehicle fault codes reported by a driver. The IRP needs to account for that.
Security starts with visibility
Historically, our equipment and our information technology were two separate worlds. Different teams were responsible for them; they had completely different vendor management requirements; and the teams had totally different vocabularies. That separation is no longer viable. The trucks and trailers must be part of the security program now.
Modern trucks are connected platforms that produce data, receive instructions and interact with other trusted devices constantly. This means that they are part of the cybersecurity risk taxonomy whether the organization acknowledges it or not.
NMFTA has a growing library of free resources to help fleets continue their security journey, including the Road to Resilience series of guidebooks, the Vendor Risk Assessment Framework and the new Freight Fraud Prevention Hub, as well as numerous white papers and research articles focused specifically on the rolling assets that make up the backbone of our operation.
In late April 2026, FMCSA quietly released a new Frequently Asked Questions (FAQ) document focused on prohibited coercion of commercial motor vehicle (CMV) drivers. While the coercion rule itself is not new—it has been on the books since 2015—the timing and substance of this guidance are anything but routine.
At a moment when regulators are confronting ELD fraud and manipulation, hours-of-service pressure, chameleon carriers, and broker misconduct, FMCSA’s message is clear: if fraud is our enemy, then so too is coercion to commit fraud.
What Is the Prohibited Coercion Rule?
The coercion rule, codified at 49 CFR § 390.6, makes it illegal for motor carriers, shippers, receivers, and transportation intermediaries (including brokers) to pressure a driver to violate federal safety regulations.
FMCSA defines coercion as a three-step sequence:
- A party requests that a driver perform work that would violate a regulation.
- The driver objects in writing or verbally, explaining that doing so would require a violation.
- The party threatens or takes adverse action, such as withholding loads, pay, or future work, to force compliance.
Importantly, FMCSA also makes clear that a violation does not have to occur for coercion to exist. A mere threat is enough.
In short, the FAQs clearly signal that:
- Drivers are not required to violate safety rules to “get the load done.”
- Drivers may file a written coercion complaint within 90 days of the incident.
- Complaints can be supported through texts, emails, dispatch messages, or witness statements.
For the rest of the industry, this guidance raises the stakes.
FMCSA has the authority to bring enforcement actions directly against non-carriers, including freight brokers, shippers, receivers, transportation intermediaries, and their agents. This means a dispatcher threatening reduced miles, a broker implying “no future loads,” or a receiver penalizing a driver for refusing to violate HOS can all trigger exposure under § 390.6. Civil penalties, reputational risk, and downstream audit consequences are all on the table.
Why Did FMCSA Issue This FAQ Now?
FMCSA states that the purpose of the FAQ is to “help drivers understand how they might be coerced to violate safety regulations and what they can do if they believe they have been coerced.”
However, this guidance comes against a much larger backdrop of fraud enforcement:
- Rising enforcement attention on hours-of-service and ELD fraud and falsification
- High-profile cases involving coercion tied to fraudulent carriers and brokers.
- Chameleon carrier issues, registration fraud, and the launch of MOTUS
- Data showing that HOS- and ELD-related violations remain among the most common roadside violations.
FMCSA is signaling that coercion enforcement is not theoretical. It is active, expanding, and increasingly multi-party.
Why This Guidance Is Important
Although the FAQ is explicitly described as non-binding guidance, it matters for several reasons:
- It clarifies what evidence FMCSA expects in a coercion complaint.
- It confirms that brokers, shippers, and receivers, and not just carriers, can be held liable.
- It emphasizes that coercion can occur through texts, emails, dispatch systems, and implied threats, not just explicit orders.
In short, FMCSA is laying out a roadmap for enforcement, even while maintaining that the FAQ itself is not a new regulation.
The Bigger Picture
FMCSA’s coercion FAQ is less about restating the law and more about resetting expectations. The agency is reminding the industry that safety compliance is not negotiable, and pressure—subtle or overt—can carry real consequences. Perhaps less overtly, FMCSA may also be recruiting truck drivers to join forces with FMCSA in their fight against fraud by asking them to report carriers, brokers and shippers asking them to commit or ignore fraud. For an industry built on coordination, the message is simple: it takes a village.
he Level VIII Inspection Program represents a major, yet evolving, concept in trucking enforcement. Defined by CVSA in 2017 as a fully electronic inspection conducted while a vehicle is in motion, it is currently being tested by FMCSA and CVSA through a phased operational pilot to determine feasibility, usefulness, and scalability. The challenge, however, is not envisioning the concept but implementing it in a way that is fair, secure, standardized, and operationally credible. This is where the sausage is made.
At its core, Level VIII aims to transform roadside inspections from discrete events into a continuous, data-driven system. Its potential is to expand inspection coverage, reduce delays for compliant carriers, and improve enforcement targeting. CVSA’s Level VIII Guiding Principles reinforce this vision while emphasizing collaboration with industry.
Progress to Date
The program has moved beyond theory. The operational test began in March 2024 in Mississippi and Kentucky and expanded by October 2025 to four states and six motor carriers. This growth signals progress toward real-world application.
The test is collecting key compliance data, including USDOT number, registration, operating authority, UCR compliance, out-of-service orders, driver licensing, and medical certification, with limited hours-of-service (HOS) data. These elements align with what enforcement uses in traditional inspections. However, not all components of a full Level VIII inspection—such as verified driver identity and complete HOS compliance—are fully implemented. Data authenticity validation is also not yet active and is planned for a later phase.
Equally important is the program’s governance approach. FMCSA and CVSA are using a phased, stakeholder-driven process to test and refine the system before it affects safety scores or enforcement decisions, consistent with CVSA’s emphasis on thorough, technology-neutral evaluation.
Why It Matters
Interest in Level VIII stems from a gap between the growing number of carriers and limited inspection capacity—roughly 3 million roadside inspections annually are insufficient for comprehensive oversight. Level VIII could significantly expand monitoring without increasing enforcement personnel.
For carriers, benefits include reduced delays and operating costs. Even simple bypass systems can save time and fuel, and Level VIII could extend these efficiencies. CVSA also highlights potential incentives such as CSA credit and access to real-time inspection data, positioning Level VIII as both an enforcement and compliance management tool.
Key Challenges
The program faces several major hurdles:
- Data completeness: The system is not yet capturing all required inspection elements, and some data—such as endorsements and Hours of Service—remains difficult to verify.
- Interoperability: Data must seamlessly flow between vehicles, third-party providers, state systems, and FMCSA platforms, which requires significant technical coordination.
- Privacy and security: Protecting sensitive and proprietary data is central to building industry trust, and current testing appropriately limits data use to secure, non-production environments.
- Policy design: Critical questions remain unresolved, including whether participation will be voluntary, how results will impact safety scores, inspection frequency, and dispute processes.
- Fairness: Uneven geographic deployment could lead to disproportionate inspection exposure for some carriers, though randomized and mobile inspection models may mitigate this issue.
The Road Ahead
Level VIII will likely evolve gradually through phased development, with expanded data validation, enforcement logic, and policy decisions following successful testing.
Success will depend on adherence to CVSA’s Guiding Principles: collaboration with industry, use of existing technologies, cost control, meaningful incentives, data protection, and a focus on safety outcomes. Traditional inspections will remain essential, with Level VIII serving as a complementary tool to better target enforcement resources.
Bottom Line
Level VIII is gaining momentum but remains in a proving stage. Its progress is evident in active testing and expanding participation, but significant challenges—technical, operational, and policy-related—must be resolved. If FMCSA and CVSA can balance innovation with trust, fairness, and practical value, Level VIII has the potential to modernize commercial vehicle safety oversight while delivering clear benefits to both enforcement and industry.
FMCSA’s overhaul of the DataQs system has generated considerable excitement across the trucking industry, with some portraying the changes as a long-overdue correction to a process carriers have criticized for years. But despite the headlines, motor carriers should be careful not to overstate what these reforms actually accomplish. The reality is that the revised DataQs framework is far more procedural than transformational.
In many ways, this is not the sweeping industry victory some hoped for.
The reforms do not create an independent appeals body outside of State motor carrier enforcement division. They do not fundamentally shift authority away from state enforcement agencies. And they do not suddenly make it substantially easier for carriers to overturn violations or crash determinations. At the end of the day, the same enforcement ecosystem that writes the violations still largely controls the process for reviewing and resolving challenges to those violations.
That point matters because many carriers’ frustrations with DataQs were never just about denied challenges. The deeper concern was that the process often felt circular. A carrier would challenge a violation only to have the review handled within the same agency structure responsible for issuing it in the first place. While FMCSA’s revisions introduce additional review layers, stricter procedural requirements, deadlines for review, state accountability, and transparency actions, they stop well short of creating true independence in the decision-making process.
What FMCSA has really done is attempt to standardize a system that historically varied widely from state to state.
Under the new requirements tied to MCSAP grant funding, states must now meet specific timelines, establish multi-level review procedures, document decisions, and manage backlogs more consistently. That should improve predictability and reduce some of the inconsistency carriers have long complained about.
But uniformity should not be confused with neutrality.
The revised framework still leaves final authority largely in the hands of state enforcement agencies. Even when reconsideration requests move to higher-level reviewers, the process remains internal to the same enforcement structure that produced the original violation. That reality can limit how dramatic the practical impact is likely to be for carriers.
Ironically, one of the most meaningful impacts of the reforms may fall on enforcement agencies themselves. Because FMCSA tied compliance to MCSAP funding eligibility and requires states to have their programs approved by FMCSA and their plans and adjudication results published on FMCSA’s website, states now have stronger incentives to ensure inspections, documentation, and review processes can withstand scrutiny. Agencies may become more disciplined in documenting violations and more methodical in explaining why challenges are denied.
That could still benefit carriers over time. Better documentation, clearer explanations, more transparency, and more structured reviews may reduce poorly supported enforcement actions at the margins. But this is probably best understood as an operational reform, not a philosophical one. The process may become cleaner, faster, and more standardized, but it is still largely the government reviewing the government’s own work.
May is Motorcycle Safety Awareness Month. Jurisdictions have begun reminding drivers to share the road with riders, and encouraging all road users to implement safe practices to bolster safety for everyone. Below is a selection of member and partner news releases regarding this update.
