31 Oct 2019
How to maintain maritime cybersecurity
Maritime cybersecurity is a very difficult domain to understand. On one hand there’s lots to be scared about. On the other hand there’s lots of hi-tech solutions, and lots of solutions which are less hi-tech and there’s many people saying that the answer is not hi-tech at all.
Our event on October 31st aims to build understanding about all these three things. What specifically do we need to be most scared about? How much can the hi-tech solutions, which promise advanced technologies to identify and mitigate threats, help? Are you better off with lower-tech solutions, such as extensive testing? And how much of the solution is more about the people side of it, helping staff onboard and ashore be better aware of threats and what to do about them?
In terms of threats, we’ve seen Maersk’s hacking and estimated $300m costs, talk about taking remote control of vessel’s navigation and engine systems, hacking into satcom networks, and malware on software systems. All of these threats have different likelihoods and impacts. We’ll aim to provide a better understanding of what those are.
For hi-tech solutions, we see tools which aim to scan networks and identify threats using artificial intelligence, tools which detect GPS spoofing, tools which manage security across your network. For low-tech solutions such as extensive testing of your network, we look at the different options and the costs involved.
And we’ll look at the people side of it. It is common to say that people are the cause of most cybersecurity problems. But no-one ever says that people are the cause of physical security problems – because that would be stating the obvious. In the physical world, companies just figure out ways to continuously identify security problems caused by people, or how people can help mitigate risks. The cybersecurity world could do the same.
Maritime cybersecurity involves bringing together multiple domains, which don’t necessarily understand each other very well. It is tough to make it work. Our event on October 31st aims to make some steps to make it easier.