Maritime stakeholders must assess the security of their entire operation—both physical and digital—to identify potential vulnerabilities. By understanding these weaknesses, they can develop a more strategic and cost-effective plan to mitigate risks, emphasizes Corey D. Ranslem, CEO of Dryad Global LTD, in an exclusive interview to SAFETY4SEA.
Ranslem notes that while geopolitics will always impact maritime operations and piracy remains a concern, it is not as prevalent as it was in the early 2000s. However, cyberattacks have emerged as a significant new threat, requiring heightened vigilance. In this context, a resilient cybersecurity plan and robust infrastructure are essential. While technology and advanced algorithms can enhance security, they also introduce challenges for connected ships. Since prevention is the most effective defense, companies must proactively prepare for cyber threats and train their personnel to recognize and respond to all potential risks, he concludes.
SAFETY4SEA: What is your philosophy for the maritime industry and your top priorities on the agenda for the next five (5) years?
Corey Ranslem: The maritime industry is one of the most dynamic industries in the world. Close to 90% of the goods we use spend part of their transport life on a ship, and millions of people are transported via cruise ships and large yachts. This industry is vital to the growth of the global economy. Over the next 5 years we are focusing on the better integration of people and technology to improve our efficiency but also help to improve the quality and ease-of use of information, and cyber protection we provide to the industry. Artificial Intelligence, advanced algorithms, and increased computing power are going to have tremendous impacts on our industry.
S4S: How have security risks evolved over the past year, and what are the biggest emerging threats for 2025?
C.R.: We have seen maritime become the focus for attacks whether it be in the Red Sea region or the Black Sea or other parts of the world. We are also seeing new threats to sovereign undersea infrastructure which will inevitably continue and mature. One of the biggest emerging threats are cyber-attacks. Many companies and vessels (cargo ships, cruise lines, and large yachts) are not prepared for the coming cyber storm – the industry as a whole is behind the rest of the corporate world when it comes to protecting IT infrastructure Technology and automation is great, but you need a resilient cybersecurity plan, and infrastructure, to deal with the vessels that are becoming more and more connected to the internet.
S4S: Latest Dryad report highlights a resurgence of piracy in the Indian Ocean. What are the main drivers behind this trend?
C.R.: We believe this trend has been caused by the shift in military resources further into the Red Sea along with some of the chaos that is being created by the actions of the Houthis. Piracy has been more active over the past few months, but not as active as it was back in the early 2000’s. It is still a concern we are monitoring.
S4S: How are geopolitical tensions impacting global maritime operations? What is your advice?
C.R.: Geopolitics will always affect maritime operations. We have multiple areas of the world we monitor for changes in the geopolitical climate and then advise our clients of the changes. Our advice is to stay informed! Make sure you understand what is happening within a region before routing a ship in that area. There are some great trusted sources you can use including Dryad.
S4S: Are there any specific regions where you foresee new or escalating security challenges in 2025?
C.R.: We are seeing increased security challenges in the South and East China Sea. We are expecting tensions to continue to rise in both regions.
S4S: What are the most pressing cybersecurity threats facing the maritime industry today?
C.R.: The largest threat is the antiquated technology found on ships; that coupled with the fact that these older fleets are becoming ever more connected due to satellite communications becoming cheaper and more reliable. Ships are built to operate in some cases for 30 plus years. So, when they are built, they have the latest technology, but that is sometimes hard to change. The current threats typically involve email and social engineering to divert funds from legitimate company operations to the attackers, or shipping companies being infected with malware and needing to pay a ransom to regain control of their critical systems. Their motivation currently is primarily financial. However, we believe this is going to continue to change in the coming years when we expect attackers to target individual ships.
S4S: Are maritime companies adequately prepared to deal with sophisticated cyberattacks? What are the best practices to maintain cyber hygiene?
C.R.: Right now, there are companies that are very prepared for cyberattacks, but the majority of the industry is not prepared to deal with the level of attacks or sophistication. Most cybersecurity tools available don’t work well or at all in the shipboard environment. Good cyber hygiene starts with training shore-based personnel and crews on how to recognize the threats. We also believe that good hygiene also starts with applying the cyber tools to the endpoint device. Firewalls are good, but protection needs to be on the endpoint device (computer) that a person is using.
S4S: Are there any positive trends or opportunities amidst these challenges that industry players should be aware of?
C.R.: Technology is going to help bring a number of new job opportunities to the industry. Jobs will be created in this industry that don’t exist today and this is a great opportunity to embrace the changing technological landscape to help prepare the future workforce. We also see more advancements in safety for the crew with the advancement of technologies like more dependable EPIRBS, life rafts, redundant communication devices and power supplies, etc.
S4S: How do you see technology shaping maritime security in the near future?
C.R.: Technology is continuing to be a big part of the maritime industry in general. New A.I. based tools in general maritime security and cybersecurity are going to significantly improve security within the industry. Over the next few years we are going to see rapid technological advancements in maritime security and the industry in general. We hope the impact continues to improve for better physical safety of crew as well as providing usable-real-time-information so they may be better informed when it matters most.
S4S: If you could change one thing across the industry from your perspective, what would it be and why?
C.R.: The one issue I would change is communication. Our industry does not do a good job of sharing information on best practices. The aviation industry has been sharing best practices to improve safety of operations for a long time, but the maritime industry is very far behind when it comes to any information sharing.
S4S: What is your key message to maritime stakeholders to enhance security and stability at sea?
C.R.: It is a good idea to conduct security surveys of your entire operations and understand where the vulnerabilities lie within your organization. This includes physical and cyber. If you understand your vulnerabilities you can then build a plan to mitigate those vulnerabilities in a more cost effective manner. Emergency response and reaction is always more expensive than prevention.
The views presented are only those of the authors and do not necessarily reflect those of SAFETY4SEA and are for information sharing and discussion purposes only.
