It is known that nowdays cyber-attacks can cause electric blackouts, breaches of national security secrets or theft of valuable and sensitive information, which further affect critical infrastructure. Therefore, it is of vital importance for companies to safeguard their operations and avoid negative impacts on their entire business.
Cybersecurity is the single largest growing threat to organizations globally, as the expansion of threat surfaces through interconnected technologies and automation significantly increases exposure and risk.
Speaking of cyber attacks, Lloyds Register held an online webinar in late September 2021, focusing on key trends and observations around the threat landscape, controls and measures to effectively address such threats and how effective management of information and cyber security risks supports organizational resilience.
Among others, speakers from LR, Nettitude, Coty and Sungard Availability Services noted the following serious threats that affect business
- denial of service
- ransomware
- socialengineering, e.g. phishing
- applications attacks
- supply chain attacks
As explained, marine and offshore companies are facing a range of cybersecurity-driven challenges. In light of the emerging trends around the cyber threat landscape, speakers urged that the industry needs to pay attention to the following elements:
- Reliance on digital communication, automation and interconnected technologies. This leaves infrastructure vulnerable to cyberattack.
- Complexity of the maritime and offshore (M+O) ecosystem. Multiple stakeholders, industry bodies, administrations and regulators at an international, national and sector-specific level add additional challenges around compliance with cybersecurity best practices.
- Potential for legal liability around vessel delays and subsequent cargo, supplier or passenger claims. M+O companies must ensure that cybersecurity processes do not impede them in meeting strict timelines.
- A lack of industry awareness around cyberthreats. A lack of awareness and staff training remains an issue in the maritime and offshore (M+O) industries, making them susceptible to targeted phishing attacks. These attacks are increasingly being seen in the sector.
- Facing this complex cyber threat landscape requires a shift in mindset.
In response to cyber threats, speakers explained that effective management of information and cyber security risks support organizational resilience. Specifically, every company should adapt a business continuity program methodology by taking into consideration:
- Conduct risk assessments to identify threats and vulnerabilities
- Conduct impact analysis to identify mission critical business units and applications
- Develop and implement recovery strategies for mission critical business units and applications
- Keep document recovery plans
- Coordinate and execute recovery exercises
- Validate and review recovery strategies
- Integrate lessons learned and perfom self-assessments
