Page 32: of Marine News Magazine (November 2021)

Great Workboats of 2021

Read this page in Pdf, Flash or Html5 edition of November 2021 Marine News Magazine

Column

Cyber Security these guidelines and implement strategic objectives. recovery capabilities, multi-factor authentication and ac-

Given the digital revolution that has been taking place cess controls, anti-malware tools, robust network moni- in the maritime industry, ships are more connected now toring processes, use of Virtual Private Networks (VPN), than ever before. While the increased connectivity and maintaining software upgrades, patches and maintenance system integration aids in operational, commercial, and schedules, email and spam ? ltering, providing security safety ef? ciencies, it also enlarges the attack surface avail- awareness training to personnel and maintaining and test- able to bad actors seeking to exploit vulnerabilities for ing an incident response policy and physical security to potential cyber-attacks. There are increased risks for mari- restrict access to shipboard areas. Shipowners, charter- time cyber-attacks because shipboard systems and net- ers and seafarers also have vital roles to play. Shipown- works are often interconnected with other onboard or re- ers need to ensure there are prevention, detection and re- mote systems and the internet, which constantly interface sponse plans in place. Shipowners and charterers need to with international contacts of all kinds. Both new and old understand who bears the risk if a cyber incident occurs vessels can be susceptible to cyber incidents. Newer ves- that results in delays, damage to the vessel or ransom pay- sels are being branded as “smart” ships with thousands ments. Shipowners should understand the extent of insur- of sensors, remote monitoring and troubleshooting, and ance coverage for cyber incidents and potential losses due arti? cial intelligence capabilities to analyze data in real to third-party liability. Seafarers should follow company time. These vessels integrate information technology sys- compliance plans and policies to protect onboard systems tems with operational technology systems, thus increas- from phishing attempts and eliminate other opportuni- ing the exposure of these interdependent systems to cyber ties for potential cyber breaches through shore visits, and incidents. Older ships that are not as sophisticated could ship-to-shore interfaces and remote access. Ship managers still experience a cyber incident because of obsolete op- should also ensure the proper contractual language is in- erating systems that can no longer be updated, missing serted for third party suppliers and agents to protect and or outdated anti-malware software, insuf? cient security secure sensitive data and information, and that contrac- protocols and safeguards (including employee misman- tors are properly vetted. agement of the network and the use of default administra- As shipping continues to move towards remotely op- tive accounts and simple passwords), integrated computer erated and autonomous driven vessels, stakeholders and systems that lack safeguards and network segmentation, governments must collaborate to identify new risks and systems that must be connected to a server on land to regulatory gaps. The need for new tools and collaboration function correctly, or are always connected to a system to protect against cybersecurity incidents is paramount, as on shore that is not secure, and unsecure access controls the ecosystem is only as strong as the weakest link. For for service providers and contractors. Thus, it is vital to example, Blockchain and other encrypted solutions could invest in cyber assessments to identify potential areas of aid in the safety and security of maritime transactions. Not weakness to combat potential threats. only does Blockchain simplify and provide transparency

The large maritime-cyber ecosystem, consisting of ship- into fragmented shipping and logistics processes, Block- board automation and communication systems, cargo chain does not have a centralized server, thus reducing the and passenger manifests, port operations and other supply chances of malicious cyber-attacks. Blockchain also re- chain members, needs to remain vigilant and proactive by duces inef? ciencies, such as error-prone manual exchanges performing cybersecurity training and simulated tests, de- between numerous parties. Furthermore, investment is ploying defenses and developing incident response plans. needed. Developing nations will require support to ensure

Defenses require continuous improvement and there is no resilience throughout the supply chain against potential one-size-? ts-all approach. Both procedural and techni- future disruptions. Maritime cybersecurity is a topic that cal countermeasures are needed, and a layered approach will continuously change course depending on how the in- is essential. Possible defenses include: backup and data dustry, and key stakeholders prepare, detect and respond. 32 | MN November 2021

Marine News

Marine News is the premier magazine of the North American Inland, coastal and Offshore workboat markets.