Cyber risk management needs to be embedded in operations
An increase in digitalised operations means vessel operators are increasingly able to view their vessels as mobile offices and remote nodes on their network with wide area network and cloud access.
The demand for digital voyage solutions and vessel efficiency tools is such that every ocean voyage potentially needs optimisation and creates a higher load of ship-shore data. At the same time the ship’s critical systems are becoming increasingly connected as vendors seek to gather performance data to share with managers.
Threat intelligence sharing should be prioritised across organisations, because the wider the scope and scale of visibility of threats, the more we can detect and mitigate new and emerging ones.
While IT systems have long been a focus of cyber threats, Operational Technology (OT) remains a major security concern due to the lack of visibility of security controls put in place by original equipment manufacturers.
Improved security awareness means making sure that teams are informed and aware of how to recognise threats and how to handle IT and OT systems regardless of their role. This means ensuring that all employees are aware of where a company is vulnerable and implementing a policy that ensures these processes are correctly followed so that they remain effective.
Because organisations are traditionally constructed with hierarchies and segregation between departments and sections of the workforce, they can lack the ability to bring cyber security together in a consolidated strategy. It should be the responsibility of the whole ecosystem of people onboard and ashore from the most senior people to the most junior, to be aware of the threats to digital assets and how to manage that risk.
Case Study: Managing threat vectors
Malicious software can be used to infect maritime IT or OT systems, disrupting operations, stealing sensitive information, or holding data hostage for ransom. Ransomware attacks, in particular, have become more prevalent, where attackers encrypt critical data and demand payment for its release.
More and more organisations in the maritime industry have realised that there is a long term, cost benefit to applying high quality cyber security principles, because when they deploy the right tools and services, the impact is felt at the bottom line.
Sign up to stay secureInsights
Read about our latest insights and explore the forefront of digital protection through our curated selection of news, articles, and expert blogs.