Outdated Strategies In Maritime Cyber Security

The process of digital transformation has impacted all sectors of society, including the maritime shipping and port sector. Many port operators have increasingly tried to integrated cyber technology into port activities to increase their competitiveness. Unfortunately, digitalisation has become the major vulnerability for the emerging cyber threat.

The International Association of Ports and Harbors’ (IAPH) cyber security guidelines are intended to help senior executive decision makers make an objective assessment on the readiness of ports and port facilities to prevent, stop and recover from a cyber attack.

Patrick Verhoeven, IAPH managing director, commented: “We have produced this set of port and port facilities cybersecurity guidelines targeting the strategic rather than technical level. They are designed to create awareness among the C-level management of port authorities.” 

In June 2017 the Maersk shipping company was hit by a cyber attack from the purely destructive NotPetya virus. The virus entered Maersk’s systems through a widely used piece of tax accounting software in Ukraine. Maersk was not the intended target for the attack, but the consequences for the company were very real. The virus spread through the company globally and made all their applications and data unavailable for several days. Real world operations, including its Rotterdam terminal, were seriously affected, with losses in the region of $200-300million. 

What Are The Resources Needed?

The new guidelines address the question of what port organisations need in terms of resources to effectively manage cyber security risks. These guidelines have been produced from the work of 22 experts from IAPH member ports from around the world as well as Associate Member cyber security specialists and contributors from the World Bank.

The guidelines have been submitted to both the IMO Facilitation and Maritime Safety Committees for consideration. They form part of the joint industry call Accelerating Digitalisation of Maritime Trade and Logistics: A Call to Action led by IAPH in June last year, which includes reviewing existing IMO guidance on Maritime Cyber Risk Management on its ability to address cyber risks in ports, developing additional guidance where needed.

Gov.UK:        Kaspersky:         Thetius:        Port Strategy:        Science Direct:     Springer

You Might Also Read:

Maritime Cyber Security Has Missing Parts:

 

« Police Get New Tools To Process Digital Evidence
Ransomware: One Percent Makes A Big Impact »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Olfeo

Olfeo

Olfeo is a content filtering software vendor. Our proxy and filtering solution helps our customers to manage, monitor and secure their Internet traffic.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

Seconize

Seconize

Seconize empowers enterprises to proactively manage their cyber risks, prioritize remediations, optimize security spending and ensure compliance.

Navaio IT Security

Navaio IT Security

Navaio helps clients with IT Security related challenges with a primary focus on Identity and Access Management, Data Governance, User Awareness and Cyber Resilience Services.

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum (GCF)

Global Cybersecurity Forum is a catalyst platform designed to create a more resilient and better cyberworld for all.

1Kosmos

1Kosmos

1Kosmos provide Digital Identity and Passwordless Authentication for workforce and customers. Powered by advanced biometrics and blockchain technology.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Telsy

Telsy

Telsy is a security partner for ICT solutions and services. We help you implement effective security solutions that increase your risk mitigation ability and your responsiveness.

Knowledge Lens

Knowledge Lens

Knowledge Lens builds innovative solutions on niche technology areas such as Big Data Analytics, Data Science, Artificial Intelligence, Internet of Things, Augmented Reality, and Blockchain.

BIG Cyber

BIG Cyber

BIG Cyber is a specialized Managed Security Service Provider (MSSP) dedicated to bringing military grade cyber security technology to the gaming industry.

ISSQUARED

ISSQUARED

ISSQUARED is a leading provider of Cyber Security, Cloud, Infrastructure, Consulting and Digital Transformation services.

Radiance Technologies

Radiance Technologies

Radiance solutions provide technological advantage and operational superiority for our nation in the areas of intelligence, cyber and advanced weapon systems.

Entech

Entech

Entech is a managed IT service provider. We work behind the scenes on your network to ensure data security and integrity.

QFunction

QFunction

QFunction works within your existing security stack to detect anomalies and threats within your data.