Page 28: of Maritime Reporter Magazine (May 2017)

The Marine Propulsion Edition

Read this page in Pdf, Flash or Html5 edition of May 2017 Maritime Reporter Magazine

Thought Leadership on Cyber Security

While programmers average between 10 and 50 errors per 1,000 lines of code, and larger companies can reduce this to .5 per 1,000, such rates suggest the presence of thousands of exploitable vulnerabilities.

To emphasize the point, Microsoft Windows operating system is estimated to require more than 50 million lines of code; Google overall manages 2 billion. sociations, ? ag states, port state control Even while broader objectives were be- reigned as the universe of security sys- This is because cyber risk, as many have authorities, and the International Mari- ing de? ned and a framework established, tem manufacturers, “solution” providers heard me remark, challenges one’s sense time Organization. I’ve participated in regulated vessels and facilities had to be- and “consultants” burgeoned. Countless of space, time, context, and attribution. cybersecurity assessments, presented gin to implement preventative measures companies over-spent on technical so- Typically a non-“digital native” , mari- at conferences and seminars, and sat in and comply with standards that were de- lutions that were too complex or over- time transportation owners and execu- on cybersecurity roundtables on every signed to support the detection / assess- engineered for the business; proved too tives commonly struggle to comprehend continent except Australia and Antarc- ment of security threats. expensive to sustain; or simply didn’t how to think about such questions as: tica. Without exception, and irrespec- Although ISPS Code language ad- work as promised. Globally, billions of Who’s attacking my company? Why are tive of language, culture, business, or dresses the protection of electronic data, dollars were wasted. In the maritime in- they doing it? When did they attack? dress, everyone whom I’ve spoken with the threats originally contemplated were dustry, investments in ISPS Code com- From where did they attack? In their agrees that cyber risks are real and must overwhelmingly of a physical nature. pliance efforts were similarly received, minds cyber risk is intangible, which be addressed. While cyber risk mitiga- They relate to controlling physical ac- and for many the experience wasn’t underpins the confusion surrounding the tion efforts are becoming more widely cess; to designing and establishing the much different. question about where to start. acknowledged and implemented, such processes and procedures for sustain- The current confusion over cybersecu- Even though the challenge of cyber- as awareness training, incident response ing maritime security activities; and to rity carries with it similar risks of over- security remains universally acknowl- planning, and assessments, the most ensuring security plans call out all the investment, in particular because cyber edged, it’s perceived intangibilities common inquiry was: “Where do we above. Of course, there is more to the risk context is so unfamiliar. Unlike the risk prolonging a sense of defenseless- start?” ISPS Code, but the challenges shipown- implementation of physical defensive ness among many non-digital native

I had faced this question before. It was ers faced after July 2004 were to imple- measures, such as access control and decision-makers facing today’s crop of in the wake of the 9/11 attacks and the ment security solutions in a manner both electronic surveillance systems, which cybersecurity ‘solution providers’. Not subsequent promulgation of the IMO’s effective and compliant. one can physically touch and see, cy- surprisingly, market confusion is worse

International Ship and Port (ISPS) Code. In this post 9/11-world, confusion ber risk mitigation goes mostly unseen. today with cyber risk than in the decade

KET MARINE

SEPARATORS SINCE 1985 • • •

KET Marine International B.V. KET Marine Hellas KET Marine Asia Pte ltd.

Koperslagerij 23 ?%6>IZIRFIVKIR 4 Kifisias Avenue ?1EVSYWWM 18 Boon Lay Way # 10-118 Trade hub 21

Greece The Netherlands 609966 Singapore T +31(0)168 328 550 ?F +31(0)168 326 350 T +30 694 227 78 84 T +65 679 313 19 ?F +65 679 326 67

E [email protected]?I www.ketmarine.nl E [email protected]?I www.ketmarine.gr E [email protected]?I www.ketmarine.com 28 Maritime Reporter & Engineering News • MAY 2017

MR #5 (26-33).indd 28 MR #5 (26-33).indd 28 5/4/2017 12:35:06 PM5/4/2017 12:35:06 PM

Maritime Reporter

First published in 1881 Maritime Reporter is the world's largest audited circulation publication serving the global maritime industry.