27th August 2019
Too much faith in technical fixes to cyber security is a bad thing
These days scam emails are as much an irritation for crew working at sea as anyone working in an office. Apart from clogging up inboxes, accidentally clicking through on a link can lead to financial loss, reputational damage, and in more serious cases, operational outages. At sea, the dangers are amplified as ships often have PCs running older operating systems, which haven’t had the latest updates applied, such that simply displaying a message can activate certain kinds of malware.
Thankfully enterprise-grade spam and malware filtering solutions, such as GTMailPlus from GTMaritime, protect staff at sea and on land alike by preventing the vast majority of these tainted and timewasting messages ever reaching inboxes. But do these systems lull users into a false sense of security and encourage carelessness?
No technological solution can ever be 100% bulletproof. This is particularly true when threats are continually evolving. Cyber-criminals have every incentive to develop new ways for circumventing filters and exploiting psychological tricks to lure in users. The odds are stacked in their favour, because they only need to succeed once, whereas those tasked with protecting systems – whether internal IT teams or third-party service providers – have to consider every possibility and succeed every time.
So while technology has an important role to play, it should not be regarded as the complete solution. For maximum effect, it must be complemented with user education. This should be ongoing with training materials regularly updated to incorporate the latest tricks and ruses employed by cyber-criminals. Moreover, users should be periodically tested – firstly to ensure that the message is hitting home but secondly to uncover gaps in their understanding and areas where additional technical safeguards might be beneficial.
GTMaritime is continually developing its technology for stopping malware in its tracks and will soon be rolling out a significant upgrade to the anti-phishing module of GTMailPlus. In addition it will introduce a penetration testing service for customers to address the human factor in keeping ships cyber secure.