Subscribe to our Mailing Lists (It's free!)
Friday, July 11, 2025
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    IMO piracy

    IMO Piracy Report: Twenty five incidents during May 2025

    Dryad Global

    Dryad Global: Geopolitical tensions continue to shape maritime landscape

    ireland drug seizure

    Ireland’s largest drug smuggling plot leads to eight men in jail

    limpet mines tankers

    Greek tanker fleet boosts security amid limpet mine fears

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    BIMCO FuelEU Maritime Regulation

    EU issues low-carbon hydrogen fuel standards

    clean air act

    California updates ballast rules for water from low salinity areas

    biofuels

    India’s DGS issues biofuel bunkering guidelines

    biofuel

    Companies sign deal to advance crude lignin oil biofuel

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    Panama Canal

    Panama Canal reports increase in transits despite dry season

    UNCTAD

    UNCTAD: Global trade endures policy changes and uncertainty

    Eternity C

    Watch: Eternity C sinks in the Red Sea following Houthi attack

    newbuildings xclusiv shipbrokers

    Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

  • Columns
    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    IMO piracy

    IMO Piracy Report: Twenty five incidents during May 2025

    Dryad Global

    Dryad Global: Geopolitical tensions continue to shape maritime landscape

    ireland drug seizure

    Ireland’s largest drug smuggling plot leads to eight men in jail

    limpet mines tankers

    Greek tanker fleet boosts security amid limpet mine fears

  • SEAFiT
    • All
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
    friendship

    Exploring the human need for friendship: A lifeline at sea and on shore

    neck pain

    Neck pain: A growing health concern for maritime workers

    Book Review: Building leaders the MMMA way

    Book Review: Feel grounded and think positive in 10 simple steps

    time

    Stay SEAFiT: Time is non-renewable – invest it wisely

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    BIMCO FuelEU Maritime Regulation

    EU issues low-carbon hydrogen fuel standards

    clean air act

    California updates ballast rules for water from low salinity areas

    biofuels

    India’s DGS issues biofuel bunkering guidelines

    biofuel

    Companies sign deal to advance crude lignin oil biofuel

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    Trafigura, ZeroNorth join forces to advance decarbonization solutions

    floating data centres

    New partnership to develop floating data center on retrofitted vessel

    connectivity

    Innovating ocean safety: Intellian’s unified vision for connectivity and GMDSS

    autonomous navigation

    New deal aims to advance autonomous navigation technology

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
    AMSA fine

    NorthStandard: Tips to avoid pollution fines in Turkey

    OCIMF

    OCIMF Annual Report 2025: SIRE 2.0 a welcome change for the industry

    USCG

    ABS PSC Report Q1 2025: 526 total vessels detained

    paris mou lists

    Paris MoU 2024 Performance lists

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
    Panama Canal

    Panama Canal reports increase in transits despite dry season

    UNCTAD

    UNCTAD: Global trade endures policy changes and uncertainty

    Eternity C

    Watch: Eternity C sinks in the Red Sea following Houthi attack

    newbuildings xclusiv shipbrokers

    Xclusiv Shipbrokers: Newbuilding momentum slows sharply in 2025

  • Columns
    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    Career Paths: Syb ten Cate Hoedemaker, Maritime Battery Forum

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    NorthStandard: Data sharing to drive technology and improve crew wellbeing

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    GSR Services: The Hong Kong Convention sets the rules for total ship lifecycle responsibility

    Trending Tags

    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

Cyber incident response crucial to cope with cyber risks

by The Editorial Team
July 6, 2020
in Cyber Security
phishing

Credit: Shutterstock

FacebookTwitterEmailLinkedin

In the July edition of Be Cyber Aware at Sea, Phish and Ships along with Axis focus on incident response, explaining what it is and the importance of it, as the shipping industry is becoming more digital than ever.

Accordingly, incident response is the process of detecting security events that may have a negative impact on network resources and information assets and then having the capability to respond and recover effectively in a timely manner.

The digitalization of the shipping industry comes with the increase of cyber threats and attacks. Therefore, it is important to understand the risks arising and adopt an incident response.

It is advised to develop and exercise a Cyber Incident Response Plan CIRP.

RelatedNews

IACS reports progress on decarbonisation & digital transformation

Ports get €22 million grant for digital and electrification solutions

Although the use of CIRP can be helpful, it is reported that there are some common mistakes that can hinder a business in making the most out of a CIRP.

#1 No document owner results:

Having no specific person to lead with the management of the CIRP can result in a lack of accountability and diffusion of responsibility. This creates the perception of there’s always another priority and consequently the document is likely to become stagnant. SOLUTION: Define a specific function along with a named individual as the document owner

#2 No document approver results:

With no defined document approver/ approvers could mean there is a lack of organization-wide buy-in and the CIRP is deemed not to reflect the interests of the business. This can also lead to approval being requested during the time of an incident, which is not the time to be asking and will hinder the ability to respond timely. SOLUTION: Define a document approver or committee a group of approvers who can review and sign off the CIRP at least once a year.

#3 Lack of representation from non-technical results:

A CIRP that is heavily reliant on technical resources only is likely to struggle during major incidents. If a business falls victim to a breach of a client’s sensitive information the response will require more than just the IT / security team’s involvement which is why cross-functional buy-in, and involvement is ideal. SOLUTION: Ensure the CIRP has cross functional contribution from Legal, Media, Finance, Risk Management, Physical Security, Executive Management, Audit, Info Sec IT and Vendors. Define limitations of authority, know exactly who can do what, where, when and how.

#4 Single points of failure results:

SPF’s can occur in many forms within the categories of people, process and technology. For example, a CIRP that point to a single position which encompasses a variety of skills can easily lead to the burn out of this individual during a large incident, or if they are not able to respond due to other commitments this can leave gaps in the response. Managing and responding to an incident should be separate responsibilities, it can become problematic if a single person is responsible for both as it would extremely difficult to communicate with both technical and operational elements at the same time and both have unique roles during an incident.

Solution: Recognize the SPF and diversify the team taking a team approach to the CIRP. Define the two specific lead functions for a technical and strategic response, they should work in tandem just have a different focus. Ideally the strategic lead should be 75% political 25% technical and vice versa for the technical lead.

#5 No pre-defined severity levels results:

This can result in the CIRP having a binary response, it’s either on or off and there are no clear levels in between. So, the binary response does not enable a variation of responses based upon the different levels of severity of the incident. If there are no defined severity levels this can result in the same response for all incidents, creating fatigue and a lack of seriousness during the time of a severe incident.

Solution: Define the severity levels from 1-4 and break the levels down into symptoms not threats, threats are constantly changing so they are not effective to respond to.

 

Highlights

  • CIRP requires cross functional input and buy-in from senior management
  • A CIRP is a live document and requires an owner, approver and regular maintenance
  • Must address a range of security incidents from simple malware all the way to complex breaches by detecting the signs and symptoms of an attack. The common failures discussed are not exhaustive but simply a good start point for considerations when planning.
Cyber incident response crucial to cope with cyber risksCyber incident response crucial to cope with cyber risks
Cyber incident response crucial to cope with cyber risksCyber incident response crucial to cope with cyber risks
Tags: cyber securitydigitalization
Previous Post

Study reveals gas hydrate plug may have led to Deepwater Horizon explosion

Next Post

Inmarsat investigates the role of technology in improving life onboard

SUGGESTED FOR YOU

floating data centres
Smart

New partnership to develop floating data center on retrofitted vessel

July 7, 2025
estonia
Shipping

EST Flag: Offering a digital and sustainable business model

July 7, 2025
cosco dual-fuel
Green Shipping

COSCO takes deliver of breakthrough dual-fuel container ship

June 25, 2025
world's first ammonia
Fuels

Companies issue world’s first ammonia-to-ship digital fuel certificate

June 25, 2025
iaph cyber security
Cyber Security

IAPH releases cyber security guidelines for new port technologies

June 24, 2025
LR: Good data is a crucial foundation for improving safety
Opinions

ABS Consulting: Make cyber risk part of the daily safety conversation

June 23, 2025

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Explore more

No Result
View All Result
MARITIME EVENTS

Explore

  • Safety
  • SEAFiT
  • Green
  • Smart
  • Risk
  • Others
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Content Marketing
  • Contact

© 2025 SAFETY4SEA

No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA

Manage your privacy
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show (non-) personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Manage options
{title} {title} {title}
No Result
View All Result
  • Safety
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • SEAFiT
    • Intellectual
    • Mental
    • Physical
    • Social
    • Spiritual
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Case Studies
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Anchor Your Health
    • Book Review
    • Career Paths
    • Human Performance
    • Industry Voices
    • Interviews
    • Maripedia
    • Maritime History
    • Opinions
    • Regulatory Update
    • Resilience
    • Seafarers Stories
    • SeaSense
    • Tip of the day
    • Training & Development
    • Wellness Corner
    • Wellness Tips
  • SAFETY4SEA Events
  • SAFETY4SEA Plus Subscription

© 2025 SAFETY4SEA