Specifically, he noted that overlooking the human elements of cyber security operators undermine the possible benefits of acquiring a new technology – introducing risk instead capitalising on the rewards it can offer.
According to Mr. Coles, noted that cyber security risks can be quantified and managed, based on the right approach taken. Thus, he noted that although digitalization is fragmented - as he has previously commented to LR's James Forsdky - , ensuring profitability in the future depends on three cornerstones:
- Threat-Intelligence Assessment: As the cyber security landscape is rapidly changing, basic threat intelligence and assessment activities enable an owner to view their organization through the eyes of a potential attacker, to perceive their attack surface in detail, and to assess the real-world threats to their business.
- Crisis-management cyber attack simulation: When being informed about the attack surface and adversaries, owners take a further step towards safely, effectively and efficiently ensuring that they're prepared to manage a cyber attack by using a simulated cyber attack known as a ‘red team’ exercise. Thus, this kind of exercises enable a company to detect and respond a cyber attack, while also training defence teams about effective responses to danger.
- Define a cyber security strategy: Having a specific cyber security strategy completes the basis of a secure technological and organisational infrastructure. Therefore, security experts can collaborate to create a cyber security strategy to create operational efficiencies.
Ultimately, a truly cyber resilient shipping organisation is one that gains intelligence on evolving cyber threats to inform decisions and plans, going beyond the minimums needed to achieve compliance