The International Institute of Marine Surveying (IIMS) has published a report titled “The Great Disconnect”, which looks into the issue of cyber attacks on ships and their impact on the shipping industry. The report finds that shipowners pay an average of 3.1 million dollars in ransoms to cyber attackers. The report also highlights that despite the perceived risk of cyber attacks on ships being high, the actual risk is low, but the shipping industry is still not prepared enough to deal with cyber threats. The report suggests that the shipping industry is not taking cyber security seriously enough and that steps should be taken to increase awareness and preparedness. Additionally, the report calls for more collaboration between the shipping industry and the insurance industry to better understand and mitigate the risks of cyber attacks on ships.

Recommendations from the report are briefly summarised on the IIMS blog site as follows:

The Great Disconnect report recommendations

As the maritime threat landscape is constantly evolving, and the industry needs to remain alert to and learn to adapt to the threat continually, the report suggests certain recommendations in order for shipping to be protected from cyber risks:

1. Set up dedicated cyber security directorate within fleet operations that covers both IT and OT security: It is critical that the directorate takes overall responsibility for security and is given the authority and resources to be able to gather data-driven evidence of the actual state of cyber security within the fleet assets and operations on which to base its decisions for improvement.

2. Implement comprehensive cyber incident training and drill programme: The programme should be based on practical scenarios that reflect the actual setup and security posture of the organisation, its people, processes and technology.

3. Develop minimum security standards for suppliers and partners: This can be designed as a supplier code of connection which sets a minimum cyber security standard for the supplier before they are permitted to connect to vessel systems or access data from the vessels.

4. Conduct urgent review of insurance policies and seek specific legal guidance on ransom payments: All vessel operators should conduct an urgent review of insurance policies throughout their organisation to understand any risks that are not fully covered. Operators should also seek legal advice on ransom payments specific to their circumstances and incorporate the findings into their cyber security response plan.
