Welcome
Summary
Course
Exam
Certificate
Library
News
Support
My Account

Profiled Partners

  • Be Cyber Aware at Sea
    Start the Course now!
  • CSO Alliance
    The World's First Global Members Alliance of Maritime Company Security Officers (CSO)
  • Be Cyber Aware At Sea
    A Global Maritime & Offshore Initiative.
  • Navarino
    The Maritime Industry's Most Advanced Communications & Connectivity Company
 

 
 

Digital fog ahead - seeing through the complexity of maritime cybersecurity

Inmarsat, June 2017 
June 16th 2017
Inmarsat, June 2017
Professor Paul Dorey's blog succinctly outlines how digitisation has given cyber criminals more opportunities to commit their crimes, and given them the ability to wield greater destructive power over companies and industry. He outlines the need for the shipping industry to work together rather than apart, and tackle this threat from common ground. Read this blog and others here.

Where digitisation appears then cybersecurity is never far behind.

Early on, banks and retailers discovered that their websites, systems and databases made tempting targets for criminals to steal personal data or even money. Later digital adopters in the utilities and energy sector found that cyberattacks can even have physical consequences, for example as suffered by the Ukraine in 2015 with water pollution or the widespread power disruption.

Now the wave is reaching the maritime industry. Ships, ports and maritime support activities continue to adopt digital systems to handle commercial, cargo and personal information, and even control the ships or port facilities themselves. The more we digitise the more interesting the systems become to cyber attackers and the more significant the potential impact could be when they do attack.

Of course, not all things are the same. Older vessels usually have much less digital technology than those currently leaving the shipyards. The degree of digitisation also differs where some just have navigation and communications whilst others support remote digital monitoring of cargoes, highly-sophisticated engine rooms or significant communication demands. The message here is that cybersecurity investment needs to be appropriate to the risk, as nobody has the luxury of bottomless digital budgets.

Clearing the fog

It is good that the growing importance of cybersecurity in maritime has been recognised, but with this urgent enthusiasm a fog has now started to appear. Interest is leading to action and a wide range of groups are producing their own cybersecurity guidelines and the Classification Societies is now also working on a draft set of recommendations. It is better to have guidance than have none at all, but some in the industry can see the risk of every association, nation, region or even ports starting to set different expectations.

The good news is that the fog is showing signs of clearing. The industry has formed a joint working group under the Chairmanship of George Reilly of ABS to pick up on the direction set by IMO cybersecurity guidelines and establish a common way to describe marine cybersecurity risk. The Classification Societies and key associations are keen to be part of this. I am delighted to have been retained by Inmarsat to be the facilitator for this group and bring my financial services and energy sector experience to bear.

Through this blog I will provide occasional updates on our approach towards a consistent view, especially where one maritime system connects to another. We don’t expect, or desire identical standards to be developed everywhere, but consistency of approach to risk management would help a lot. If you are active in maritime cybersecurity risk management and the development of new standards and guidelines, we would encourage you to be part of this thinking. So please do record your interest by emailing me at maritime@inmarsat.com.

Professor Paul Dorey will be presenting at the ‘Dispelling the myth – the reality of cyber security in the shipping industry’ event as part of London International Shipping Week 2017 on Wednesday 13 September 2017. The event is free to attend, to register your interested in attending click here.