Cyber attacks are increasing and are becoming more sophisticated on a daily basis. The shipping industry has to deal with big data, blockchain and IoT, having more pressure to excel its cyber security systems, as every part of the hybrid networks serving remote offices, ships and IoT devices must be secured.
#1 How are you securing your networks (not just your satellites)?
Today's challenge is to ensure that the company's entire ecosystem is protected by the highest security posture and is able to harden itself against the gamut of attacks pervasive in today’s environment.
#2 What is your Information Assurance plan? What are the key elements?
All satellite operator security programs need to take a systematic defence-in-depth approach to detect, prevent and mitigate attacks.
Integrated Security Program:Satellite operators and their ecosystem partners should have separate plans to deal with cyber security. Marlink proposes that your satellite operation should have its own information security functions that operate separately from the ecosystem partners, which will be able to work apart from its own network and satellite operations. This ensures that their security and monitoring of the framework remains centrally managed and controlled by the satellite operator.
Layered Security Framework: Layered frameworks are crucial to ensure the confidentiality, availability and integrity of the satellite operator’s services.
Assessment and Remediation Program: It should include recurring penetration assessments, organisation-wide control assessments and third-party audits against the service operator’s satellite and terrestrial service environments. This includes satellite commanding, teleport, terrestrial and service management infrastructure and relevant service procedures.
Moreover, the company's culture and operational fabric has to include training and awareness of cyber threats, so that employees and all stakeholders are able to avoid and know how to deal with a cyber attack.
Recently, in an exclusive interview with SAFETY4SEA, Marlink's President, Tore Morten Olsen highlighted that there should be complete awareness of the challenges from crew members who interact with the IT networks on board, but also board members who are responsible for budgets and steering a company’s processes and culture.
#3 What measures will you incorporate to ensure that the satellite portion of my network will remain available during a breach or an attack?
The question should be rightly asked as 'how well your satellite operator can manage a breach and still maintain your network availability and integrity.' A satellite provider should incorporate in its services high availability and resiliency.
This will remediate events and maintain control in the event of interference or a cyber-attack.
Consequently, each company should implement fully redundant, hot standby satellite operation centres, which will command the fleet at any time, using multiple teleports and remotely operate the other centre’s equipment.
#4 What are you doing to keep ahead of the fast changing threat environment?
To better protect a satellite network from cyber-attacks the best option is to set layers of countermeasures, to be able to deal with the most advanced threats.
Marlink recommends that in order to stay abreast of increasingly sophisticated and powerful attacks, a satellite operator’s Information Assurance program should be:
- Preventative – With advanced assessment, indicator, analysis and prevention countermeasures and controls to block threats and exploit attempts;
- Detective – Identifying threats with intelligence sources, anomaly, signature and behaviour-based techniques, among other detection measures;
- Access and Authentication – Measures to enforce authorised and secure access to information resources;
- Management –Event correlation and management as well as configuration of controls and countermeasures all integrated.
Concluding, Marlink received the 2019 SMART4SEA Connectivity Award during the 2019 SMART4SEA Conference, for the continuous growth of its global satellite network ‘XChange Cloud’, a digital business optimization tool providing a secure platform for the optimized transfer and synchronization of files between ship and shore, and for its Cyber Guard Suite, the company’s fully integrated Cyber Guard portfolio.