Page 26: of Maritime Reporter Magazine (May 2017)

Thought Leadership on Cyber Security industry initiative that encourages the vessel, which often happens automati- on proper cyber security procedures at

The Biggest Weakness: sharing of research data, best practice cally, is such that the interconnected sign-on when joining the vessel and pe-

The Human Element cyber guidelines and educational arti- nature of information may lead to the riodically while onboard. It’s especially

For all the talk about improving ? re- cles to help stakeholders understand the system being compromised. Vessels typ- important to review cyber security pro- walls and ensuring that shipping and cor- challenges that the digital era brings to ically share a connection with corporate cedures when shipboard operations are porate platforms are secure, the biggest subjected to outside impacts, shoreside risk to cyber security is actually the hu- shipping and offshore operations. The security, so it’s essentially a means to ac-

USMRC has also launched an e-learning cess corporate servers. tech reps or during a shipyard period.

man element. The IMB has reported that course, which meets IMO interim draft Senior management must also demon- It’s critical that the vessel have a re- more than 80 percent of offshore cyber, guidelines on maritime cyber risk man- strate a commitment to employees who sponse plan that can be implemented information technology and operational agement. live at sea so that the human element of and has been tested. Regular back-up of technology security breaches were the critical systems are an important part of direct result of human error. This reality

Cyber awareness is also being driven cyber risk is appropriately addressed. For by military and government contracts, example, millennials going out to sea are any response plan. The IMO provides needs to be conveyed and emphasized to which demand that attention be focused accustomed to having access to email high-level recommendations for mari- all who work in the industry.

on marine loss control among operators and online entertainment. It’s essential time cyber risk management while BIM- and shipyards. In many cases, shipyards that these needs be provided for so that CO recommends cyber security be tied

Tough Decisions that bid on government contracts are re- the crew is not jeopardizing security by in with a vessel security plan, which is a

These are challenging times for the quired to demonstrate that they have a using the ship’s operating systems for framework under the safety management shipping industry. Budgets are tight and secure platform. personal needs, thereby threatening the systems that already exists.

there’s pressure to delay maintenance,

The stipulations in the ISPS and ISM reduce manning and decrease training. security of the corporate ? rewall.

Get On Board

Senior management needs to let the Codes enable a fast rollout of a frame-

Unfortunately, the threat of a cyber at- work for handling the management of tack is not seen as a traditional maritime

Addressing cyber security should be crew know that they’re important, trust- information system security (ISS) on hazard, and is therefore an area that’s a priority for senior management rather ed stakeholders and that their own liveli- board ships. The principal advantage of easily overlooked. Ultimately, it goes than a concern that’s delegated to the hood is affected by their safety, particu- vessel security of? cer or the head of the larly as it relates to the risk of attempted this solution is that it is not necessary to back to treating employees right, making create a new system; existing tools used sure they have the resources to do their

IT department. Given that most cyber at- hacks.

in the maritime world can simply be jobs as ef? ciently as possible, making tacks have not been aimed on the vessel,

Practical Guidelines per se, but are more an effort to breach adapted. The Maritime Safety Commit- sure they have the knowledge they need,

There are standard practices that can tee, under MSC 96/4/5, suggests speci? c and making them feel vested as vital corporate security, vigilance at the cor- be implemented to reduce cyber risk. steps that ships can follow to achieve stakeholders in the effort to successfully porate level makes good sense.

The nature of data transmission on a Each crew member should be instructed ISS protection.

defend against cyber attacks.

Marine & Industrial Equipment ® ® 10110 S. M43 Hwy, Delton, MI 49046 USA, tel: +1 (269) 623-2900 fax: +1 (269) 623-8028, [email protected], www.kleeco.com 26 Maritime Reporter & Engineering News • MAY 2017

MR #5 (26-33).indd 26 MR #5 (26-33).indd 26 5/3/2017 8:11:37 PM5/3/2017 8:11:37 PM