Maritime cybersecurity on land and at sea
The International Maritime Organization has taken the initiative and issued guidelines to raise awareness across the industry on how to tackle maritime cyber security. Its aim is to “support safe and secure shipping, which is operationally resilient to cyber risks.”
The first thing to understand is that Information Technology (IT) and Operational Technology (OT) systems can be hacked onboard as well as ashore. Such cyber security breaches have the potential to broadside the safety and security of ships, ports, marine facilities and other elements of the maritime transportation system.
OT and IT, what is the difference?
The distinction between Information Technology and Operational Technology systems is important to understand.
Information Technology systems (IT) may be thought of as focusing on the use of data as information.
Operational Technology systems (OT) focus on the use of data to control or monitor physical processes.
In other words, IT tells you how to get to port, OT makes it happen. This is the backbone of your business. These two systems are integrated and the protection of information and data exchange between them is extremely important.
What maritime systems are vulnerable?
- Bridge systems
- Cargo handling and management systems
- Propulsion and machinery management and power control systems
- Access control systems
- Passenger servicing and management systems
- Passenger facing public networks
- Administrative and crew welfare systems
- Communication systems
What types of maritime cyber threats are there?
- Malicious actions (e.g. hacking or introduction of malware)
- Unintended consequencesof benign actions (e.g. software maintenance or incorrect user permissions).
In general, these actions expose vulnerabilities (e.g. outdated software or ineffective firewalls) or exploit a vulnerability in operational or information technology. Effective cyber risk management should consider both kinds of threat.
Where do I start with maritime cyber security?
The first step is to conduct a Network Assessment to compare an organization’s current, and desired, maritime cyber security risk management postures. Such an assessment may reveal gaps that must be addressed in order to secure your IT network. An outside IT professional will provide an unbiased, objective evaluation of your network. Once the assessment is completed, recommendations are made for system upgrades, monitoring, and staff training. Never forget about your staff, they are highly vulnerable to phishing attacks.
Baseline tests of staff by KnowBe4 reveal over 30% of staff are “careless clickers”, falling for simulated phishing attacks. With quarterly training and evaluation, this can be reduced to less than 2%.
What is senior management’s role in cyber security?
Effective cyber risk management begins at the senior management level. Management should instill a culture of risk awareness in the entire organization. A chain is only as strong as its weakest link and without reinforcement of proper procedures, your employees can put your business at risk.
Do you know a phishing attack when you see it? Take our partner Sopho’s “Spot the Phish” game and find out.
How Responza helps reduce maritime cyber risk
Responza IT management and support provides all the services needed to put your IT network and infrastructure securely within the IMO guidelines. After a network assessment, our professional technicians will:
- Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations.
- Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations.
- Detect: Develop and implement activities necessary to detect a cyber-event in a timely manner.
- Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event.
- Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.
Click this link to download the IMO’s complete GUIDELINES ON MARITIME CYBER RISK MANAGEMENT.