IMO2021 came into effect on 1 January and it is vital that ship owners and managers continue to monitor the systems and processes in place to ensure vessels remain cyber secure. Mike McNally, Commercial Director at GTMaritime, discusses what shipping companies can do to ensure cyber security and remain compliant with the new regulations.
The IMO2021 guidelines on maritime cyber risk management provide the basis for a safer, more secure and resilient cyber space for shipping operations. They create a framework for ship owners and operators to develop rigorous hardware, software and crew training defences against a rising tide of cyberattacks affecting ships at sea.
There are three ways companies can reduce the attack surface and minimise exposure to cyber-threats.
The first is to complete a regular cyber security audit. Companies need to assess how they are currently managing cyber security, then identify and define the roles and responsibilities required for cyber risk management. This includes identifying which systems, assets, data and capabilities could present a risk to each vessel’s operations if disrupted. When discussing cyber security, a lot of people focus on administrative systems (IT) as the source of data breaches. However, the cyber threat to operational technologies (OT) is especially important as the maritime industry embraces digitalisation because breaches can have an impact on crew and vessel safety.
With this in mind, once a company has completed the audit, it is then in a position to look at how it is going to protect, detect, respond and recover in the event of a cyber attack. Each step is important and there is a range of solutions available that can support robust cyber security management.
The next, and arguably an obvious area for vigilance, is to ensure that all software is kept up to date: just one piece of outdated software can offer cybercriminals the route to network infiltration. It is not uncommon for individuals to ignore a software update notification, so having systems in place which can provide fleet-wide updates automatically is beneficial, especially given that third-party systems interface with ship networks.
Hackers also look for vulnerabilities in software and rely on it not being updated. Having processes in place to update all software automatically therefore significantly reduces the attack surface and ensures potential entry points are secure.
GTMaritime’s GTDeploy product, for example, allows companies to deploy software update patches to remote locations, and has been designed specifically for the maritime industry to meet the demands of satellite connectivity. Managed through a dashboard, it is easy to deploy across all vessels and computers to facilitate patching security holes, fixing and removing bugs and adding new features. Software such as GTDeploy makes what is usually a labour-intensive and costly process simple by running in the background and allowing companies to prioritise and control updates remotely.
And finally, systems vigilance must be matched by vigilance among users: employees must be cyber aware, which is a key factor in preventing a cyber-event, and trained in how to respond if such an event occurs. Seafarers whose contact with the outside world may rely disproportionately on the IoT need to be especially vigilant regarding phishing emails, should be discouraged from clicking on links from unknown sources and should understand the systems maintaining the cyber integrity of the vessel and its operations.
By regularly reviewing current cyber risk management and addressing gaps, investing in systems which automatically update software and enhancing staff knowledge and understanding, companies can ensure compliance and reduce the risk of a cyber attack.