Cutting through the confusion: the approach to cybersecurity in the maritime sector must change.

As the maritime industry slowly begins to emerge from a time of unprecedented disruption, it has become clear that the challenges facing shipping have persisted – and that new ones have emerged. The industry is making positive progress toward improving cybersecurity, but it is clear that confusion remains.

CyberOwl, alongside industry experts and peers, recently confronted the cybersecurity challenges facing the maritime industry during CyberSecure at Sea, a first-of-its-kind maritime cybersecurity virtual networking event.

There are, of course, a lot of challenges. But some appear to be pretty persistent. COVID-19 has changed the emphasis and urgency of specific maritime cyber risks:

  1. The NIST cybersecurity framework is already widely adopted for developing cyber risk management plans. Some progress has been made in securing office IT systems. But cyber resilience of vessels is very far behind in general.

  2. For vessel systems, Identifying the risks and setting up Response and Recovery plans is relatively achievable – it’s already in shipping DNA. But Protecting onboard systems is a real challenge and very difficult to achieve 100%.

  3. Detecting onboard cyber incidents is even more challenging. Putting detection technologies in place, making sense of the incidents detected and knowing what interventions to put in place are a challenge for IT teams onshore, never mind the crew who have to deal with the consequences.

  4. Visibility of network and user behaviour of onboard systems is low. That makes it very difficult to understand onboard cyber risks, beyond a snapshot view based on desktop assessments or one-off penetration tests. Remote working, social distancing and limited access to vessels are making the need for visibility more urgent.

  5. COVID-19 is raising stress levels of shoreside teams and crew. This makes shipping more susceptible to cyber attacks, scams, misconfiguration and human error. Insider threats are now just as important as external threats to shipping fleets.

A lot of industry-wide work has been done in the last 2-3 years to “raise the tide” of shipping cyber security, from developing guidelines and notations, to setting up collaborative initiatives such as the Maritime Cyber Emergency Response Team and the Maritime Cyber Alliance.

CyberOwl will be digging deeper into some practical actions fleet operators can take to shore up their cyber risk management. We will be posting a series of thoughts and useful tools that fleet operators can access free of charge. Keep checking in here, as we develop these resources over the coming weeks.

  1. Have the BIMCO guidelines on cyber security onboard ships helped or hindered? Help us with this important piece of sponsored research to understand what measures have been adopted and, most important, how useful they are in actually addressing cyber risk in maritime ships.

  2. Security through bureaucracy is pain with limited gain – stop focusing on bureaucratic, procedural controls. Only then will you achieve actual progress in securing your onboard systems.

  3. Beyond the classroom: help crew cyber behave – The crew is commonly blamed as the number one source of cyber risk to vessels. The reality is that the vast majority of crew are not malicious. They just lack awareness and impetus. Classroom training helps to an extent. But “carrots and sticks” will encourage and incentivise the seafarer to cyber behave.

  4. Turning IMO2021 into an opportunity instead of a burden – Being a shipping IT professional can be frustrating. You recognise the need to invest in further cybersecurity, but your management team still treat it as a “compliance problem”. But perhaps this is a result of the way cybersecurity has been presented to leadership. The dialogue needs to change. IMO 2021 could offer a unique opportunity to reposition cybersecurity as an important enabler of the wider business objectives.

  5. Gaining visibility of your onboard systems: you can’t secure something you can’t see – Monitoring is the backbone of good cyber risk management. If you don’t know what assets you have and can’t see what is happening to those assets, then you can’t respond properly if they are under attack. But some fleet operators struggle to justify the budget until they better understand the volume and severity of cyber risks they’re exposed to – a vicious cycle, where lack of visibility leads to lack of action. Shipping IT managers can break out of this vicious cycle and implement some basic cybersecurity monitoring. This article sets out some practical guidance to get started. The rationale is clear: even some basic monitoring and a response plan make your vessel significantly harder to attack than the next one.