While speaking at Cloudsec 2019, Mr. Carling linked modern cyber security practices to the mistakes made onboard Titanic leading to disaster, according to data provided by IT Pro.
As noted, Titanic’s captain ignored warnings from other ships about the iceberg, just as system administrators either ignore or misread warning signs of an imminent cyber attack.
Additionally, Mr. Carling stressed, the captain was speeding at 22 knots, demonstrating unsafe work practices, just as managers are ignoring security best practices.
Thirdly, he added, the crew of Titanic had not undergone any disaster drills, just as current company employees are not trained on how to react in cyber-related incidents.
Finally, Carling stated, Titanic was outfitted with too few lifeboats for the number of people onboard, and the crew knew about this when the ship departed. This is like when employees silence 'the security voice'.
Concluding, he noted that the future of cyber security lies in stronger regulations rather than self-policing.
For example, the network and information systems (NIS) directive adopted by EU in 2016 seeks to unify the standards of cyber security to help protect member states from cyber attacks.
Cyber security has risen as a key issue for shipping industry. While increased automation and artificial intelligence seem to open new routes for shipping, vulnerability of systems is another area of concern the industry has to encounter.
In mid-2017, the industry was shaken by a major cyber-attack against Maersk, the world’s largest container shipping company, which led the sector to adopt a new look at cyber security issues.