- Shipping has taken important steps in cyber security, but leaders must continually address cyber risks that are unique to their organisations and operating environments.
- This was a clear message from all speakers at the latest ICS Leadership Insights dialogues on 10 February 20201, focusing on cyber security.
- Esben Poulsson, ICS Chairman opened the discussion and stressed that cyber risk management should be high on shipping’s agenda.
A recent news article published in the ICS Shipping website reveals about Leadership Insights Series: Cybersecurity roundup.
Esben Poulsson, ICS Chairman
Cyber security is more than just the digital equivalent of the guns, guards and gates of the physical world.
The internet is global, and attacks can spread across borders and through corporate networks.
And cyber security is more than just an insurance policy – it is potentially all about business survival.
A breach of cyber security might not just damage a business; it could bring it to a standstill causing losses of tens if not hundreds of millions of dollars.
Paivi Brunou, Head Cyber Security, Wartsila Voyage
He stressed it is important for the shipping world to capitalise on the benefits of becoming more digitally connected, ship to ship and ship to shoreto optimise operations.
However, Brunou warned that as digital systems become more interconnected and complex, so too does identifying and managing the cyber risks.
“A cyber incident is not always like a massive fire; it is not always easy to see something going on with system. The 4th industrial revolution has changed how we work, where we work and the skills we need in the last decade.”
In the next decade it will be even more difficult to identify and manage cyber risks due to the growing complexity, greater connectivity and an expansion of the attack surface.
Julian Clark, Global Senior Partner, Ince
“The maritime sector is seen as soft target in relation to cyber exposure. The aviation sector, for example, are well ahead of us and the statistics speak for themselves. There has been a 400% increase in cyber incidents in the maritime sector in last 12 months.”
Speakers urged shipping not to overlook the threat of cyber criminals utilising weak points in operational technology (OT) to gain access to its IT systems.
The equivalent of a burglar breaking into your poorly protected garage to gain access to your heavily protected house.
Clark said there has been a 900% increase on OT cyber incidents in the last three years.
Chronis Kapalidis, Associate, International Security Department
He warned of the sophistication of cyber criminals targeting shipping, from hackers utilising open source information on Internet of Things devices to gain access to a companies’ IT systems through Wi-Fi connected ‘smart’ lightbulbs.
In another case a shipping company was experiencing multiple pirate boarding’s in the Gulf of Aden.
It was later found that the pirates were paying hackers to gain access to voyage plans to optimise their attacks.
Phillip Morgan, Professor of Human Factors and Cognitive Science
He said, “Humans can be the strongest line of defence against cyber incidents.”
“Human cyber vulnerabilities are not always obvious. Impulsivity, gender, an extrovert personality are not always good measures of who will be a more successful target. Threat appraisal, security self-efficacy and an affinity with the devices we use are often more key.”
Clark put forward the notion of a cyber security kitemark for shipboard systems that can be regulated and recognised as a trusted standard.
Ultimately, the message is that shipping must not take its eye of the ball as cyber risks continue to increase and evolve.
Did you subscribe to our daily newsletter?
It’s Free! Click here to Subscribe!
Source: ICS Shipping
