Page 35: of Maritime Reporter Magazine (May 2017)

client can block users from accessing any site or applica- tion at risk for malware or other cyber threats.

Level 2 – Monitor – Better

The second level would build on the basic ? rewall de- fence mentioned in level one. This would be a monitor- ing service that reviews traf? c that goes in and out of a 46-inch premium bridge client’s network – whether that is a tanker, cruise ship, oil rig, semi sub or a single offshore vessel. All traf? c

Ergonomics on a whole new scale is monitored by an appliance onsite that checks for any anomalies, strange traf? c or patterns of traf? c that sug- gests it is unwanted or could present a risk. At the dis- covery of such a threat, an alert is sent to the security operations center, for further action.

Level 3 – Prevent – Best

The third and ? nal level is the preventative level. This level allows the customer to work with experienced ? rms like Speedcast on more of a consulting basis to perform vulnerability assessments. This is done by assessing open source threat intelligence to ? nd out what informa- tion is present on the deep web or darknet that could rep- resent a threat for the customer. This could be anything from ? nancial data, key intellectual property or plans as well as entryways into on-board monitoring and control systems. Chatrooms provide forums for bartering such information. Knowing that the information openly avail- able on the internet is only 4 percent of the total Internet content and that the other 96 percent is hidden (i.e. deep web and darknet) , there is a vast amount of data that can be assessed to ? nd out what types of threats the cli- ent is vulnerable to. Navigating this gargantuan amount of information in clandestine places in the darknet and identifying data representing threats requires skill and experience.

Additionally, this level of engagement provides more than simply ? nding out what is out there, but also pro- vides the client with variations of penetration testing.

This means that cybersecurity experts conduct tests to see how well a customer’s security system protects their network. Even though a client may have blocked sites and is monitoring all the traf? c going in or out of their network, there can still be vulnerabilities in the network itself through open ports or unpatched software on devic- es. This testing helps dive into any remaining problems to tighten security solutions.

Finally, clients have the opportunity to sit with com- panies such as Speedcast to review their current security stance including everything from how executives view the threat of cybersecurity and how they train employ- ees, to the types of policies they have in place. This en- sures proper training and threat management procedures can be implemented to safeguard from cyber threats.

Maritime companies without a cybersecurity solution leave themselves open to critical risks to their opera- tion, and while having a program in place helps prevent these risks, an installation or network that isn’t properly maintained or updated can be just as vulnerable. Taking proactive measures to ensure a company has a system in place that defends the network, monitors traf? c and prevents www.jrc.am www.marinelink.com 35

MR #5 (34-41).indd 35 MR #5 (34-41).indd 35 5/3/2017 8:29:55 PM5/3/2017 8:29:55 PM