Outdated Strategies In Maritime Cyber Security

The process of digital transformation has impacted all sectors of society, including the maritime shipping and port sector. Many port operators have increasingly tried to integrated cyber technology into port activities to increase their competitiveness. Unfortunately, digitalisation has become the major vulnerability for the emerging cyber threat.

The International Association of Ports and Harbors’ (IAPH) cyber security guidelines are intended to help senior executive decision makers make an objective assessment on the readiness of ports and port facilities to prevent, stop and recover from a cyber attack.

Patrick Verhoeven, IAPH managing director, commented: “We have produced this set of port and port facilities cybersecurity guidelines targeting the strategic rather than technical level. They are designed to create awareness among the C-level management of port authorities.” 

In June 2017 the Maersk shipping company was hit by a cyber attack from the purely destructive NotPetya virus. The virus entered Maersk’s systems through a widely used piece of tax accounting software in Ukraine. Maersk was not the intended target for the attack, but the consequences for the company were very real. The virus spread through the company globally and made all their applications and data unavailable for several days. Real world operations, including its Rotterdam terminal, were seriously affected, with losses in the region of $200-300million. 

What Are The Resources Needed?

The new guidelines address the question of what port organisations need in terms of resources to effectively manage cyber security risks. These guidelines have been produced from the work of 22 experts from IAPH member ports from around the world as well as Associate Member cyber security specialists and contributors from the World Bank.

The guidelines have been submitted to both the IMO Facilitation and Maritime Safety Committees for consideration. They form part of the joint industry call Accelerating Digitalisation of Maritime Trade and Logistics: A Call to Action led by IAPH in June last year, which includes reviewing existing IMO guidance on Maritime Cyber Risk Management on its ability to address cyber risks in ports, developing additional guidance where needed.

Gov.UK:        Kaspersky:         Thetius:        Port Strategy:        Science Direct:     Springer

You Might Also Read:

Maritime Cyber Security Has Missing Parts:

 

« Police Get New Tools To Process Digital Evidence
Ransomware: One Percent Makes A Big Impact »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Promon

Promon

Promon is an application security vendor providing Self-Protection abilities to Mobile apps and Desktop applications.

CERT.AZ

CERT.AZ

The national Cyber Security Center of the Republic of Azerbaijan.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

BigID

BigID

BigID is redefining personal data protection and privacy. BigID software helps companies secure their customer data & satisfy privacy regulations like GDPR.

Intersec Worldwide

Intersec Worldwide

Intersec Worldwide is a boutique Information Security Firm specializing in PCI Compliance, Assessment, Remediation, Forensics, Data Breach Investigations, Incident Response and IT Managed Services.

FraudHunt

FraudHunt

FraudHunt protects your website from account fraud, ad fraud, fraud clicks, and malicious bots.

e-End

e-End

e-End provides hard drive shredding, degaussing and data destruction solutions validated by the highest electronic certifcations to keep you compliant with GLB, SOX, FACTA, FISMA, HIPAA, COPPA, ITAR.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Accolite Digital

Accolite Digital

Accolite is an innovative, design thinking software company that guarantees seamless digital experiences with maximum results.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

MorganFranklin Consulting

MorganFranklin Consulting

MorganFranklin Consulting is a management advisory firm that works with businesses and government to address complex and transformational technology and business objectives including cybersecurity.

Salem Cyber

Salem Cyber

Salem Cyber builds Artificial Intelligence (AI) solutions that work collaboratively with people to address scalability challenges in cybersecurity operations.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.