In its latest issue of “Phish & Ships”, Be Cyber Aware at sea, touches upon the issue of cyber security. It presents thoughts of of industry leaders, as well as advice and new guidance on how to deal with maritime cyber risks.
Ahead of IMO’s announcement, that it will begin to consider updating the International Convention for the Safety of Life at Sea (SOLAS), to allow unmanned cargo ships to travel between countries. However, there are still many remaining doubts, not least in the face of a cyber attack.
A survey conducted by Clyde & Co and the Institute of Marine Engineering, Science & Technology (IMarEST), showed that almost two-thirds (64%) of global marine industry executives believe there is uncertainty regarding liability issues of unmanned ships, in the case that a vessel is involved in an incident as a result of a cyber attack.
Furthermore, concerns about cyber risk also weighed heavily in the considerations of respondents. Namely, over two thirds (68%) fear that unmanned ships pose a greater cyber security risk than traditional ships.
Clyde & Co stressed that marine executives are right to be concerned about the potentially increased threat of cyber attack as a result of the use of unmanned ships. However, they note that the maritime industry as a whole has been criticised for being a bit slow in reacting to existing cyber threats, including fully crewed vessels and that the biggest threat to any organisation’s cyber security posture is still, human error.
Moreover, the new issue mentions that developers of the first cyber security service designed and tested specifically for maritime use, claimed that their product has prevented its first real-world cyber-security attack on a shipping target.
The new cyber security platform, Angel, was developed by Navarino and was launched at the end of October.
Navarino’s solutions architect Stratos Margaritis, stated: “It was a denial of service attack that was immediately caught and blocked. The attack was isolated from the network. That’s how Angel operates.”
Additionally, Be Cyber Aware at Sea outlines the importance of a cyber security officer.
In light of the recent DFT publication Code of Practice: Cyber Security for Ships, the latest “Phish & Ships” describes the role of a cyber security officer (CySO).
Specifically, the officer sits between the technical IT teams, the risk management function, the legal and regulatory stakeholders, and is aligned to business objectives.
The CySO is responsible for implementing a cyber security plan that incorporates the following:
- Prevention of cyber incidents by educating senior and frontline management and end users,
- detection of incidents with a blend of technology and analysis of data,
- execution of a response and recovery programme by implementing the business continuity and disaster recovery plans.
The dedicated person must have the seniority to manage supply chain cyber risk for secure procurement activities and be responsible to contracts set by clients in relation to their cyber exposure, the report concludes.
For further information into Be Cyber Aware at Sea’s latest issue, click below
