Skip to content Skip to footer

Who we are

Our website address is: https://shipip.com.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Who we share your data with

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

What data breach procedures we have in place

What third parties we receive data from

What automated decision making and/or profiling we do with user data

Industry regulatory disclosure requirements

MARITIME CYBER SECURITY

Smart Tips for Better Maritime Security

August 13, 2020

What is Maritime Security?

Maritime cybersecurity is essentially the collection of policies, tools, habits, security safeguards, and guidelines that maritime groups implement in order to protect their organizations, vessels, and associated networks.

According to the International Maritime Organization (IMO), “​Maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.”

Over the years, maritime technology has improved rather significantly. Yet over that same time, many organizations have continued to leverage legacy technologies that were never built to be connected to the internet. This has exposed vessels and maritime networks to increased risk.

“There was a time when connectivity on a vessel was minimal, and ship control engineers addressed security issues with air gapping to physically isolate a secure network from unsecured networks. By definition, an air-gapped system is neither connected to the Internet nor any other system,” Mission Secure explains. “But now, using something as simple as a USB flash drive or unsecured Wi-Fi connection, a malicious hacker or even an inexperienced insider could infiltrate and infect critical systems. This development is especially concerning given the connectivity of modern maritime vessels.

4 Tips for Better Maritime Security

In 2020, the need for better maritime security is clear and convincing. Here are some tips organizations within the industry can use to stay safe:

1. Emphasize Physical Security

Believe it or not, physical security comes first. Many cyberattacks are made possible by giving physical access to people who have no business interacting with certain parts of the network or system.

Good physical security calls for vigilance, continuous monitoring, and regular drills. These drills will help you identify weaknesses that may not be obvious otherwise. Try surveying your team, analyzing crew performance, and studying all duties of the ship security officer so that you can identify and phase out any loopholes that represent a vulnerability.

2. Manage User Privileges

All users should be given the least amount of access they need to perform the duties that align with their job role. Be reasonable, but certainly don’t be liberal in how you hand out user privileges.

When granting high level system privileges, users should be carefully monitored and managed. In other words, access doesn’t mean the individual has free reign. Multi-layered safeguards are a must.

3. Invest in Malware Prevention

Malware can be referred to as any type of malicious content that’s intended to access, influence, and/or damage key systems of a computer or network. When deployed successfully, a piece of malware acts as a virus – seriously impacting all of the ship’s systems and services.

Maritime organizations must be serious about investing in and implementing the right anti-malware policies and solutions. And once implemented, they need to be rigorously monitored and updated to stay fully operational.

4. Develop a Robust Strategy

Mission Secure believes in a six-part cybersecurity risk management approach. While it’s a complex process with too many proprietary steps to outline here, it’s basically broken down like this:

  • Identify threats. Make a thorough list of all internal and external cybersecurity threats to the ship.
  • Identify vulnerabilities. Develop a comprehensive inventory of all onboard systems that have direct and indirect communication.
  • Assess risk exposure. Analyze the risk exposure of internal threats, external threats, and all vulnerabilities. Determine the likelihood of being exposed in any of these ways.
  • Develop protection and detection measures. The plan should include tactics for reducing the likelihood of being compromised, as well as the impact of certain vulnerabilities being exploited.
  • Establish contingency plans. This plan should have a prioritized list of action steps to mitigate cyber risks as they’re detected.
  • Respond and recover. Focus on recovering and strengthening cyber defenses so that similar future attacks don’t stand a chance of being successful.

A meticulous approach like this takes time to develop, but creates a strong defense that stands up in even the most hostile environments. A failure to invest in a 360-degree strategy like this could lead to serious compromises.

Safer Times Ahead

While the industry is moving fast to protect against cyber attacks, it’s going to take a while for all of the major maritime companies to coalesce around comprehensive cybersecurity strategies that stand up to the latest and most advanced threats. But once the wrinkles get ironed out, it’ll be smooth sailing into the future.

Source: smartdatacollective

Tags:
0Likes
About Author

You May Also Like

MARITIME CYBER SECURITY

eably launches virtual cybersecurity training course

June 2, 2021
CONSULTANCY, CYBER SECURITY, IMO, MARITIME CYBER SECURITY

Korean Register grants first cyber security type-approval

June 12, 2019