14th July 2020
Welcome to Cybersecurity Scuttlebutt from GTMaritime. (1)
This blog series, in partnership with Be Cyber Aware at Sea, is here to raise awareness of cyber security issues that affect the maritime industry and specifically seafarers operating on board.
Our commitment in this series is to present the facts and advice in a way that is easy to digest.
With constantly evolving and emerging threats to the technologies on which we rely to do our jobs, it is often difficult to keep up with the latest threats and guidance on how to stay safe.
Vessel IT systems are typically protected by a number of solutions designed to prevent threats affecting operations, whether they be onboard systems protecting endpoints, network-based security solutions or shore-based solutions preventing threats before they even reach the vessel. But no matter how good the technology, it can only ever form one part of the solution. The other part of the equation is the user.
It’s easy to fall into the mindset of “here we go again, another guy going on about cyber security”. However, in 2019 the average cost of a data breach in the transport sector was $3.5 million, with over 50% of incidents caused by malicious or criminal attacks (1).
Before diving into individual bits of technology or advice on specific threats, it is important to have a strategy in place to ensure the right tools and techniques are being deployed to the right place. In brief, a cyber security strategy might look like (2):
- Ensure the cyber security strategy is aligned with business objectives and is adequately supported by the company management.
- Identify the most critical data resources and prioritize investments through risk analysis to anticipate threats.
- Be aware of threats (Intelligence), their motivations, resources and methods of attack, to reduce the time between detection and response to an incident.
- Evaluate cyber security of third parties and partners across the value chain, ensuring compliance with security policies and procedures.
- Provide training for employees and collaborate with others to raise awareness of cyber security threats and response techniques. Increasing knowledge and understanding of the threats and actions to be taken will allow companies and enterprises to improve their resilience.
The key message here is that good cyber defenses are made up of multiple layers. It is key to understand the operating environment (in shipping this is not just IT systems but OT systems too) and the risks to each system, and to build a comprehensive cyber defense solution.
As more systems become part of the connected world this becomes ever more critical. Technical controls and end user awareness are essential tools in the armory for cyber defense. In addition to users being aware of what to look out for, just as important is how users react.
Seafarers are drilled in all aspects of ship safety operations. In the event of a fire onboard, the crew’s training means they instinctively know exactly what action to take. Can the same be said of the crew’s reaction to a cyber security incident, or would they be searching around for a phone number of someone in IT?
If you work in a function that is tasked with implementing cyber security solutions for onboard systems, are your onboard colleagues up to speed on how you are protecting them (including how they shouldn’t try and work around the controls you have put in place)?
As a member of onboard crew, are you comfortable you’d know what to do in a ransomware attack, or would you notice before it was too late if you were subject to a GPS spoofing attack (3)?
Coming up in the rest of this series there will be articles on a range of topics including phishing, password protection, using 3rd party devices, cloud security and much more.
We hope you find the posts informative and helpful.