Page 36: of Maritime Reporter Magazine (September 2018)

PORT & SHIP SECURITY

The best-known incident was the “notPetya” malware outbreak in Octo- ber 2017, which struck A.P. Moller-Maersk’s IT department, and through that, it’s APM terminals at ports worldwide, including at Los Angeles, Long

Beach and NY/Newark. The shut down there and at other ports, and the en- suing cleanup of backlog, cost Maersk around $300 million. ing urged to move beyond assessing and bases, starting with a free KVH Video- To better secure its satellite and ter- level Universal Threat management ? re- mitigating their risk. They need to build tel “Cybersecurity at Sea’ training video restrial networks, the company provides walls in each KVH MegaPOP, applica- backup plans designed to get their facili- for subscribers to its mini-VSAT broad- a mix of tools from infrastructure safe- tion-level traf? c shapers, multiple forms ties and operations up and operating as band service will receive free, the. Based guards, authentication, encryption and of threat blocking and optional global fast and as painlessly as possible. on regulations from the IMO and the proprietary air interfaces. In the latter static IP addresses.

Port executives will tell you they are BIMCO cyber guidelines for ships, the case, the KVH network keeps satel- working on all that plus some are par- program covers assessing and reducing lite traf? c off the internet before go- • The American Bureau of Shipping ticipating in Area Maritime Security risks of a cyber incident, as well as how ing through edge security devices at unveiled methodology it said will pro-

Committees (AMSC) and their cyber to recover from an attack. MegaPOPs. To better control shipboard vide a calculated risk index for vessels, subcommittees. Created under the Mari- In the event of an actual or suspected system and internet access, customers ? eets and facilities by measuring cyber time Transportation Security Act of 2002 attack, KVH will dispatch a Cyber Se- can segment the KVH LAN to separate security risk associated with operational (MTSA), the AMSC provide a collab- curity Incident Response Team to inves- groups or uses, and use the myKVHTM technology and human and machine orative forum in which government, law tigate, manage and help to minimize the portal to forces personnel to log in. KVH identities,. Rejecting the standard quali- enforcement, the Coast Guard and indus- risk. protects internet egress via application- tative approach to assessing cyber risk, try representatives can work together to ABS says its methodology is unique in de? ne, address and potentially, resolve that its index quanti? es risk. Using its problems, as well as establish best prac- Functions, Connections and Identities tices, and promote information sharing (FCI) Model, ABS said it can calculate a and resiliency. cyber risk index for anything from indi- vidual assets to entire ? eets. An action-

USCG, Naval Academies Address

Help is on the Way able report will enable ABS clients to

Cyber Workforce Shortages

Peer support and collaboration is one better target their cyber security invest- approach to tackling security. Technol- ments.

Back in 2015, then U.S. Coast Guard Vice Admiral Chuck Michel ogy is another, and there are plenty of told a Maritime Cyber Security Symposium that “we are incredibly products and guidance on the market ca- • Rajant Corp.’s military-grade, Ki- challenged” to develop a workforce that can recognize and deal with pable of tackling cyber security on many netic Mesh private wireless network maritime cyber security threats. He said the Coast Guard and other levels. Here is a sampling: provides a fully mobile, highly adapt- able and secure connectivity that can agencies needed to make it a priority to build such a workforce. “The • MarineCFO is targeting users of turn any asset into a network and never key to this thing is not equipment. It is human beings.” its Vessel 365 ? eet optimization appli- breaks for handoff, ensuring no breaks

But the shortage of cyber-savvy security expertise has only wors- cation suite with a set of “actionable” in application performance. Rajant’s ened since the symposium, so much so that just when the maritime checklists designed to “engender cyber “breadcrumbs” – wireless radio nodes transportation system has begun to respond to appeals to start ad- security into the psyche” of mariners equipped with “instaMesh” software – dressing the cyber security threat, it ? nds itself facing an even bigger and shore side personnel. With a focus are able communicate with each other challenge – a continued and growing shortage of knowledgeable, on simplicity and an absence of jargon, via multiple simultaneous connections. experienced personnel. the checklists enable mariners to train, el to communicate with each other. Each

At the U.S. Coast Guard, the addition of cyber space as a new record the training, perform cyber drills node supports up to four frequencies and domain of responsibility means it too will need a workforce capable and improve the physical and digital se- provides con? gurable per-hop, per-pack- of operating in that realm. Toward that end, the U.S. Coast Guard curity of a vessel. Developed around the et data authentication.

Academy this fall will launch its ? rst new major in 25 years – a cyber principles of the NIST 800-171 Cyber The saleable network’s peer-to-peer security program that will incorporate elements of ? elds including

Security Framework, the checklists also technology, InstaMesh, performs real- policy, law, ethics, operating systems, software design and intel- provide a way to report cyber incidents time evaluation of network links to direct ligence. The U.S. Naval Academy, meanwhile, is building a $106 and attacks. traf? c via the fastest pathways between million cybersecurity building and has seen interest in cyber opera- any wired, wireless or in-motion points. tions skyrocket from 22 cyber majors in the class of 2018 to 110 in • KVH recently released 6-Level Cy- The fully redundant, self-healing net- the freshman class. The Academy graduated its ? rst cyber majors in ber security, a group of initiatives that it work uses a completely distributed Lay- 2016. Massachusetts Maritime Academy offers a minor in Home- says will provide proactive cyber securi- er 2 protocol to eliminate node or single land Security to students in all majors. The program aims to provide ty protection for KVH hardware and the points of failure. It instantaneously re- a broad understanding of the international and domestic security maritime VSAT satellite network used directs traf? c via the next best available issues involved in homeland security. by its customers. link if in the event of a compromised or

The multi-part strategy covers the blocked pathway. 36 Maritime Reporter & Engineering News • SEPTEMBER 2018

MR #9 (34-41).indd 36 MR #9 (34-41).indd 36 9/5/2018 11:42:54 AM9/5/2018 11:42:54 AM