Maritime Cyber Risk Management Forum


The 2019 Maritime Cyber Risk Management Forum is scheduled to be held in London at Norton Rose Fulbright in the London Riverside, on 25th June as per the press briefing published

How Prepared is the Maritime Industry for Future Cyber-Attacks?

Recognising and Addressing the Risk

The maritime industry is becoming increasingly reliant on technology and the use of data. This also brings a range of increased cyber risks to which the maritime industry is not immune. Cyber security will only get the organisational attention needed once attitudes align to acknowledge cyber threats as a business risk.

To address the key issues facing shipowners, Riviera Maritime Media is organising the 4th Maritime Cyber Risk Management Forum, in association with and hosted by Norton Rose Fulbright, in London, 25 June 2019.

The event provides an unrivalled opportunity for 100 key maritime industry stakeholders, including ship owners and C-level decision makers, to analyse the Maritime’s cyber security preparedness.

  • How vulnerable are your vessels?
  • What are the risks?
  • How to protect your ships from cyber-attacks?
  • What steps need to be taken?
  • What are the emerging cybersecurity technologies to watch?
  • How can ports stay ahead of technological developments, automation and cybersecurity risks?

Don’t miss this one-day interactive programme for a chance to learn, collaborate and discuss the actions that need to be taken to defeat the cyber risk threats, such as VSAT hacking, IT to OT ransomware attacks, control loss of navigation systems, Planned Maintenance System shore and vessel attacks.

Simulated cyber-attack exercise

Based on a cyber-attack scenario, engage, learn and discuss solutions to improve your cyber resilience and security incident response plan. How would you respond? How to detect and be ready for the inevitable?

Limited Space Book a place now

  • Get legislation advice and guidance on risk and compliance from regulatory experts
  • Numerous networking opportunities during the day with coffee breaks, networking lunch and a drinks reception
  • A full day of amazing keynote presentations, case studies, panel discussions, a simulation exercise and a start-up incubator
  • Examine the latest issues that make cybersecurity challenging for the maritime industry

The Program Schedule

08.15 Registration and coffee (ground floor)

08.50 Welcome address from the conference chairmen

Philip Roche, Partner, Norton Rose Fulbright

Edwin Lampert, Head of Content, Riviera Maritime Media

09.00 Keynote: Maritime and Cybersecurity coordination

Specificities of the maritime domain – the French cross sectorial approach.

Similarities between digital and maritime approaches.

Global maritime cyber coordination – avoid the fear to share.

Bruno Bender, Maritime Cybersecurity coordinator, Secretary for the Sea – France


This session provides up to date information on legal, regulatory and liability considerations and gives you the tools you need to build and develop an effective risk management strategy.

Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

09.15 Legal and regulatory compliance in the cyber incident response context

Positive obligations under GDPR and how to comply with them in the cyber incident context.

Other obligations which may be of relevance, including NIS.

Going beyond “mere compliance” – how best to respond to cyber incidents in a way which mitigates.

the risk of losses and liabilities more generally?

Steven Hadwin, Head of Operations – Risk Advisory and Cyber Security, Norton Rose Fulbright

09.35 Cyber risk management – the guidelines on cyber security onboard ships

Identifying roles and responsibilities.

Identifying systems, assets, data and capabilities that pose risks to ship operations when disrupted.

Protect, detect, respond and recover: implementing risk control measures and contingency plans to provide resilience and restore systems vital for ship operations impacted by a cyber incident.

Michael Hawthorne, CEO, Cobweb Cyber

09.55 Insurance cover for liability and property damage arising from a cyber incident

Distinguish between the different aspects of the term “cyber”.

Ensure that you are acting with reasonable care in your approach to managing cyber risk.

Exclusion clauses – What losses are and aren’t covered by Norwegian Hull Club, which could arise from a cyber incident, and are not in the nature of third-party liabilities arising from the operation of the ship?

Leif Olav Sætenes, Senior Claim Handler, Norwegian Hull Club

Morten Aalén, Head of Loss Prevention and Emergency Response, Norwegian Hull Club

10.15 Q&As

10.35 Coffee and networking break in the exhibition area (Terrace Suite, 9th floor)


As there still seems to be an attitude of ‘it won’t happen to me’, How many shipping companies have understood the risks that satellite and onboard equipment bring? These case study presentations allow you to understand what ship owners are doing and not doing. How are they trying to cope, and which measures are they taking?

Session Chairman: Philip Roche, Partner, Norton Rose Fulbright

11.15 Vendor Risk Management: Overcoming Today’s Most Common Security & Privacy Challenges                                                                                                     

Managing third-party vendor risk before, during and after onboarding is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to secure sufficient vendor guarantees and effectively work together during an audit, incident – or much more. In this session, we’ll breakdown a six-step approach for automating third-party vendor risk management and explore helpful tips and real-world practical advice to automate third-party privacy and security risk programs.

Review the drivers and challenges organizations face when managing third-party vendor risk

Identify priorities before, during and after vendor procurement

Takeaway a six-step approach for automating the third-party vendor risk lifecycle

Hear real case studies from privacy experts on how to practically tackle the third-party vendor risk

Jacob Eborn, Privacy Consultant, OneTrust EMEA

11.35 Implementing the lessons learned from a major cyber attack

In June 2017 Maersk suffered a major NotPetya cyber-attack, this session explains lessons learned, and how they are now being applied within Maersk.

How the Cyber-attack happened?

How was it dealt with and what steps were taken?

What were the consequences?

What were the cost implications?

What was the follow up to the cyber threat? Contingency plan.

Andy Powell, CISO, A.P Moller – Maersk

11.55 Cyber lessons learned from Industrial Control Systems – What can the maritime industry learn from the ICS

What changes have happened in the post-Stuxnet era ICS world and the what challenges control system asset owners are facing?

What kind of approaches are the advanced manufacturing companies using in protecting their critical control systems?

What are the main challenges we still face nearly 10 years after Stuxnet?

How can maritime industry best utilise the ground work laid by the ICS community? ICS standards, frameworks and best practices applicable to the maritime industry.

Janne Taponen, Maritime Cyber Security Expert, F-Secure

12.15 Q&As


Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

12.35 What is the magnitude of cyber risk?

Based on a cyber-attack scenario, you will be able to discuss the possible outcomes and solutions and highlight the complexity of the maritime cyber security sector. This will give you the opportunity to verify your own ideas and plans:

The problem is now, but what is the real magnitude of cyber risk?

Business security challenges to the exponential growth of the IoT. Are you on the verge of being attacked?

How do we convince the main boards of shipping companies to take cyber risks seriously?

Find the right balance and allocate a budget to reduce risk exposure and implement it.

Kieren Niĉolas Lovell, Incident Management Specialist, Tallinn University of Technology

Ken Munro, Consultant, Pen Test Partners

Elisa Cassi, Product Manager, Lloyd’s Register EMEA

13.35 Networking lunch in the exhibition area (Terrace Suite, 9th floor)


This session will help ports and maritime operations understand and appraise the cyber security threats, balance digital opportunities with new cyber threats and raise cyber security to an acceptable level.

Session Chairman: Philip Roche, Partner, Norton Rose Fulbright

14.45 Innovative Risk and Security Management solutions for protecting European Ports and their Supply Chains

How can we enhance the security and resilience of the ports’ critical infrastructures?

How can we help port operators anticipate and withstand potential cyber, physical or combined threats?

How can we effectively estimate risks in port supply chains?

Are there appropriate efficient and effective tools that provide risk and security management?

Prof Christos Douligeris, Department of informatics, University of Piraeus

Dr Spyros Papastergiou, Technical Manager, University of Piraeus Research Centre

15.05 Resilience planning – Maritime ports to up their game in cybersecurity

A solid cyber security plan is a must in any modern port. How ready are you?

Identifying actions for when a cyber event will occur.

Planning for protection against threats or categories of threats.

Creating a response plan that clarifies action and provides an incident response team.

Daniel Ng, CEO, Cyber Owl

15.25 Using AI for Real-Time Threat Detection across OT & IT

How to use artificial intelligence to detect emerging threats and latent vulnerabilities.

Achieving 100% visibility across OT, IT and Industrial IoT.

Real-world case studies of stealthy cyber-threats identified early by cyber AI – before a crisis occurred.

Andrew Tsonchev, Director of Technology, Darktrace

15.45 Q&As

16.05 Coffee and networking break in the exhibition area (Terrace Suite, 9th floor)


What should the industry do to reduce cyber risks? Should cyber security responsibilities be moved up a level and from IT to Operations? A change in approach to the problem needs to occur. Stakeholders are spreading the risk awareness beyond those who are ready and engaged to those who aren’t to defeat the cyber threat.

Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

16.45 Panel Discussion: The weakest link: the role of human error in cybersecurity

The importance of crew awareness to achieve more integrated risk management.

What tools are available to train staff onboard and ashore?

What resources and capabilities do ship companies have?

Security through collaboration – Combining ideas and experiences, such as a global Cybercrime reporting portal, for the benefit of the maritime community.

What are your legal obligations as a shipowner?

Panellists include:

Kewal Rai, Policy Adviser for Cyber Security, Department for Transport

Philip Roche, Partner, Norton Rose Fulbright

Anu Khurmi, Director, The Maritime Cyber Emergency Response Team (MCERT), Templar Executives

Prof Keith Martin, Information Security Group, Royal Holloway, University of London

17.10 Q&As


Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

Riviera Maritime Media Cyber Security Hub serves as an innovative start-up and pioneers’ incubator, designed to help develop ideas and early stage projects by tapping into the knowledge, skills and connections of attendees. Riviera Maritime Media Cyber Security Hub is for people who care about cyber technology and risk, to get fresh ideas, identify new opportunities and expand business and professional networks.

17.20 Challenges in maritime incident response

Take the journey as we explore responding to a cyber incident in 2 hypothetical scenarios involving a vessel at sea and at a port.

How did the vessel get impacted? What actions can we take? Where do liabilities land?

What preparations can be taken?

Jason Dely, Director, ICS and Critical Infrastructure, Cylance

Steven Hadwin, Head of Operations – Risk Advisory and Cyber Security, Norton Rose Fulbright.

17.40 The CIRM Cyber Risk Code of Practice for Providers of Marine Electronic Equipment and Services

CIRM will soon release a voluntary Code of Practice and associated Guidance to encourage implementation of cyber security best practice by CIRM member companies.

The Code of Practice is based on the principle that cyber risk management is a chain of trust where every participant is responsible for providing the elements needed to establish a complete chain of cyber security.

This presentation will introduce the 6 guiding principles for Vendors of Marine Electronic Equipment and Services to establish their role in the chain of trust for a secure digital maritime environment.

Philip Lane, Technical Officer, CIRM

18.00 Q&As

18.10 Closing remarks from the conference chairman

Edwin Lampert, Head of Content, Riviera Maritime Media

Philip Roche, Partner, Norton Rose Fulbright

18.15 Drinks reception in the Terrace Suite (9th floor) sponsored by International Registries, Inc

19.30 End of forum

* Programme subject to amendments/change

Sponsors To Gain High Visibility

Sponsors of the Maritime Cyber Risk Management Summit 2019, in association with Norton Rose Fulbright, are guaranteed high visibility and a positive association for their products and services in front of their target market.

How to sponsor at the event?

Three primary sponsorship options are available:

Partner Level, Other sponsorship including Lunch, Coffee, Drinks Reception and Slido Exhibitor

What are the benefits of sponsoring?

Become a Partner Sponsor at the Maritime Cyber Risk Management Summit and benefit from:

Pre/during/post event branding through our website, promotion in Maritime Digitalisation & Communications, and on our extensive social media presence in the maritime world via Twitter and LinkedIn

A speaking opportunity

Whitepaper upload

Video interview uploaded onto our website and featured on the Maritime Digitalisation & Communications email newsletter

Price on application. Please contact [email protected]

Lunch, Coffee or Drinks Reception Sponsor:

Sponsor either the Lunch, Coffee or Drinks Reception and benefit from pre/during/post event branding.

Opportunity to address the event delegation gathering at your lunch and/or drinks reception.

Price on application. Please contact [email protected]

Slido Sponsor:

Slido allows an event organiser to crowdsource questions from the event audience easily, anyone can ask a question, anonymously or with their name attached to further enhance audience engagement. Slido also allows an event organiser to run audience polls, share slides and stream presentations.

Sponsoring Slido offers a unique opportunity for a company to add their brand to the event’s Slido app and all post event information shared from Slido along with a host of other benefits.

Price on application. Please contact [email protected]

Other sponsorship options include:

  • Event lanyards and badges
  • Delegate bags
  • Pads and pens
  • Bottled water
  • Distribution of publicity materials

Price on application. Please contact [email protected]

To learn more about branding and sponsorship opportunities please email [email protected]

Did you subscribe to our daily newsletter?

It’s Free! Click here to Subscribe!

Source: Shipcybersecurity


This site uses Akismet to reduce spam. Learn how your comment data is processed.