Loading...

(+30) 2118501121
cyber-1654709-696x392.jpg

Maritime blockchain solutions have the potential to greatly improve efficiencies in shipping and bring this industry into the 21st century


Shipping is the engine of the global economy, making up some 90% of world trade. That’s not easy to express in monetary terms, although experts estimate it at over $10 trillion a year. Maritime blockchain could transform this industry and bring multiple benefits to importers, exporters, transporters, ship owners, and even governments.

Blockchain at sea: How technology is transforming the maritime industry !

Blockchain technology has the potential to revolutionise the maritime industry and bring it into the 21st century. This complex ecosystem could greatly benefit from a robust digital platform to exchange data in real time.  

In fact, the industry has been testing maritime blockchain applications since 2017. Some of the most important shipping companies, such as Maersk, Hyundai Merchant Marine, and Maritime Silk Road Platform, have teamed up with tech giants to create blockchain shipping systems to streamline maritime logistics.

Maritime blockchain speeds up document flows

One of the main benefits of introducing blockchain to the maritime industry is cutting down bureaucracy. For international shipments, companies and customs officials are forced to fill out over 20 different types of documents (most of them paper-based) to move goods from exporter to importer.

Most of these documents fail to provide real-time visibility and data quality, which often causes setbacks in financial settlements. These types of delays and inefficiencies are hard to accept in a data-driven, digital world.

An international consortium of shipping companies and European customs has tested a blockchain solution that eliminates printed shipping documents from the process. Not only did blockchain speed up operations, but this pilot proved how organisations in the maritime industry can save hundreds of millions of dollars annually.

Blockchain not only makes cargo checks faster, it also minimises the risk of penalties for customs compliance that are levied on customers.

The maritime industry can also benefit from predictive analytics

Big data is having a huge impact on the industry, thanks to its potential to optimise operations, improve cybersecurity, and increase the overall efficiency of the supply chain.  

However, data alone can’t change the way the maritime industry works. Companies, ports, and governments need to analyse the information to reap real benefits from the findings. This industry generates about 100-120 million data points every day. It was impossible for existing technologies to gather and analyse this amount of data efficiently.

Blockchain can help by placing the crucial data in one place and creating a unique platform for solution providers, ports, and agents that operate along the supply chain.

By tracking cargo in real time using blockchain technology, shipping companies and ports can plan land procedures ahead of time, speeding up terminal works and cutting down costs. They can also use data to make educated predictions that enhance their operations and increase efficiency.

Maritime blockchain increases trading safety and transparency

The maritime industry includes multiple parties. Most of these communicate through lengthy paper chains, making it impossible to track shipments currently. This, combined with high transaction volumes, leads to little or no transparency in most processes.

Blockchains can secure the integrity of any record, reducing the risk of damaged or missing shipments. By replacing the old paper system, all parties involved have access to information, making it easier to plan operations efficiently and save on costs.

The information stored in the blockchains is impossible to delete or edit without leaving traces, so this transparency also increases security.

It reduces data entry errors and can improve fraud detection. Maersk’s collaboration with IBM, for example, also stipulates the development of means to streamline customs and security inspections, as well as tracking shipping containers for commercial purposes.

Maritime blockchain and cost efficiency

The blockchain-based Bill of Lading created by Maersk and IBM showed in early tests that administrative costs could be reduced by as much as 15% of the value of shipped goods, thanks to tracking shipping containers and eliminating paper documents.

It may seem like a small percentage, but that could create savings of $1.5 trillion globally.

Besides costs related to documentation, companies can also significantly reduce expenses caused by data entry errors, procedural delays, and discrepancies.

Blockchain technology is transforming the maritime industry

The maritime industry is still struggling with high costs and a high level of pollution. Blockchain technology can help with both issues, by cutting down administrative costs and providing environment-friendly solutions. All while protecting the industry against cybercrime and piracy, and ensuring a fairer deal for all parties involved.

SOURCE READ FULL ARTICLE


Cybersecurity.jpg

Maritime cybersecurity

The emerging risk associated with cyber threat requires not only better training for seafarers, but also spreading awareness of best cyber security practices, argued Peter Broadhurst, Senior VP of Safety and Security, Inmarsat Maritime, adding that there is still ‘a long way to go’ when it comes to effective cyber protection.

Whether in pursuit of personal data or money, cyber crime is now a big and highly automated business, ready to strike at the most vulnerable part of an organisation’s defences 24/7, anywhere in the world.

Speaking on a panel at the World Economic Forum earlier this year, A.P. Møller-Maersk Chairman Jim Hagemann Snabe revealed that responding to the NotPetya ransomware attack of June 2017 had required the reinstallation of 4,000 new servers, 45,000 new PCs, and 2,500 applications, all within ten days. During this period, the company reverted to manual systems.

In hitting a company equipped with experienced cyber security specialists, NotPetya showed that the cyber threat is as real for shipping as it is for any other connected business, especially where legacy systems proliferate.

If the warning should be sinking in, an Inmarsat Research Programme report, The Industrial IoT on land and at sea (2018) suggests that maritime minds are slow to change. The unique study drew on testimony from 750 survey respondents across a range of industries to establish preparedness and perceptions regarding the adoption of IoT-based solutions.

The survey found 87% of maritime respondents saying they believed that their cyber security arrangements could be improved. It also saw more of them identifying data storage methods (55%), poor network security (50%) and potential mishandling/misuse of data (44%) as likely to lead to breaches in cybersecurity than outright cyberattack (39%).

Given the self-diagnosis, it is perhaps surprising to find that only 25% of maritime respondents said they were working on new IoT-based security policies.

In fact, Inmarsat’s research exposed ambivalence as one of shipping’s leading feelings towards IoT-based solutions. With some owners engaging at the level of blockchain, others take their lead from their need to comply with regulation: this is an industry which simultaneously sustains just over 30% of shipping respondents as ‘IoT leaders’ and just under 30% as ‘IoT laggards’, the report says. For every owner signed up to the benefits of condition-based monitoring and predictive maintenance based on real-time connectivity, there appears to be another for whom maintenance is something that takes place at regular and predictable intervals, or whenever is most convenient.

Inconsistent views on cyber security also appear free to coexist with immature ones. Around 70% of respondents identify reducing  marine insurance premiums as a main driver for IoT uptake, where insurers have shown themselves as especially sensitive to cyber threats. At the same time, other studies have found attitudes such as “I’m not the target /we have security in place, don’t we?/I will be protected by AntiVirus” alive and well among seafarers.

For those prepared to engage in the IoT, ships today sustain crews in small numbers, representing both an opportunity and challenge for automation, and indeed for cyber security. On the one hand, low crew numbers align strongly with operational technology that is remotely updated, self-managing and supported by automated security and from third parties and OEMs, such as voyage planning, weather routing, navigation, fuel management, etc. On the other hand, the opportunities to ‘patch’ embedded operational technologies (OT) safely are not frequent, and patches usually require certification by control system manufacturers.

The broader point, though, is that cyber security is not just about software patching and systems configuration. Ship operators do not buy computer processors, disk storage and software and then build them into a system: they procure turnkey systems. Again, shipboard engineers may well be IT-literate, but no space has been made on the crew roster for cybersecurity specialists.

In these circumstances, the integrity of the systems on ships is best maintained by software which can identify, contain and resolve threats wherever they appear in the network. Such Unified Threat Management (UTM) detects all deviations from the ‘known good’ configuration as anomalies and potential threats to security and can update securely, even during operation. Some specialist functions such as a deep analysis of alerts or security forensics will need to be delivered remotely.

Inmarsat believes that a collaborative approach – that includes shipboard systems, but also the crew operating them and the processes involved – is vital to develop the maturity response demanded by multiple threats from cyber villains, whatever their origin. For this reason, we have been working with some of the best security-focused experts available to tailor products and services to meet shipping’s requirement.

As noted, however, software is only part of the answer: cyber security and vigilance for ‘the human element’ and a well thought-out recovery strategy to mitigate against multiple, automated assaults are also critical. Failures in processes and mistakes by people can present the security loophole that, if unchecked by the UTM, compromise the entire network.

Weaknesses at the first line of defence (to phishing, plugging infected USB in, downloading from untrusted source etc.) are common but, in the case of satellite-connected ships, it is also common to see updates turned off and no AV software in operation. Today, cyber security training is not compulsory for the world’s 1.6 million seafarers, while expertise in antivirus software is inevitably more likely to be based ashore.

As far as awareness is concerned, it is fair to say that there is likely to be more temptation to risk plugging in a memory stick that might be infected once a vessel is under way. Creating awareness for seafarers and staff is a continuous task because good cybersecurity practice is shipping’s first line of defence against ‘attack’.

Inmarsat recently participated in discussions with academics at the World Maritime University in Malmö over what future classroom-based and e-learning cyber security course content might include for Maritime Safety and Security Diploma students.

Inmarsat is not and does not aspire to be a training company, but it is an interested party. As such, we are fully aware that training is not just a tick box exercise and must be backed up with monitoring and reinforcement. We also know that using tools to identify breaches of policies such as USB usage help reinforce the message: constant reminders and real-life examples are often the quickest ways to stop bad practice.

But to address the cyber security risks of the future effectively, we need the involvement of ship designers, builders, regulators, verifiers, equipment manufacturers, service providers and, of course owners and operators. We were therefore one of the founding partners in a Joint Working Group run by the International Association of Classification Societies (IACS) whose members survey and certificate more than 90% of the world’s commercial vessels, ensuring that ships are fit-for-purpose and comply with safety and quality regulations.

source read full article


Cybersecurity.jpg
by Eric Holdeman / November 1, 2018 – READ FULL ARTICLE CLICK HERE

Maritime Industry Not Cyber-Ready

Maritime Industry Not Cyber-Ready, I had the opportunity to observe the maritime industry up close when I was director of security for the Port of Tacoma (almost six years ago). My observation then was that the people who make up the industry have never thought of themselves as technology companies or even being attuned to what technology can do for their businesses. A telling comment came from the deputy director at the port. Apple iPads had recently been fielded (2010) and I suggested purchasing an iPad for each of the port’s elected commissioners. His reply went something like, “Here in the maritime industry we are not oriented on technology, nor progressive in that area.” This from a top 10 port. There are many more small companies that move goods, have trucks, drivers, etc., and really don’t understand their vulnerability. See the article below for survey results of the industry.

Homeland Security Today: Survey Finds U.S. Maritime Industry Unprepared for Cyber Attacks 

Rapidly evolving technologies deployed throughout the U.S. maritime industry to increase efficiency and competitiveness present significant cybersecurity risks that the industry is unprepared to shoulder, according to the Jones Walker LLP Maritime Cybersecurity Survey.

The law firm’s survey reflects the responses of 126 senior executives, chief information and technology officers, non-executive security and compliance leaders, and key managers from U.S. maritime companies.

The respondents represent key sectors in the maritime industry and include professionals from small, mid-size, and large companies.

The survey found that nearly 80% of large U.S. maritime industry companies (those with more than 400 employees) and 38% of all industry respondents reported that cyber attackers targeted their companies within the past year. Ten percent of survey respondents reported that the data breach was successful, while 28% reported a thwarted attempt.

Small and mid-size companies are far less prepared than larger companies to respond to a cybersecurity breach. All respondents from large organizations indicated they are prepared to prevent a data breach, while only 6% of small company (1 to 49 employees) respondents and 19% of mid-size company (50 to 400 employees) respondents indicated preparedness.

The survey discovered that many small and mid-size companies lack even the most fundamental protections, exposing them to huge potential losses. 92% of small company and 69% of mid-size company respondents confirmed they have no cyber insurance.

In contrast, 97% of large company respondents have cyber insurance coverage.

Less than 15% of companies are using multi-factor authentication for remote access, or providing off-site backups in physically secure locations. 60% said they are unprepared to deal with negative public opinion, blog posts, and media reports after a data breach; 49% are unprepared to minimize the loss of customers’ and business partners’ trust and confidence after a data breach; 70% are unprepared to respond to a data breach involving business confidential information and intellectual property; and 70% are unprepared to respond to the theft of sensitive and confidential information that requires notification to victims and regulators.

The majority of respondents (69%) expressed confidence in the maritime industry’s cybersecurity readiness, while a minority (36%) believe that their own companies are prepared. Lee says there is a real disconnect between how stakeholders view the maritime industry’s overall preparedness level versus how they see their own shops. “By and large, they view the industry as prepared, but their own companies as unprepared. That is like saying that my neighborhood is safe, but my house is a hotbed of crime,” he said. “What I take away from this is that the respondents are likely wrong about the industry, and right about their own companies.”


TMSA3.jpg

OCIMF published the third edition of its Tanker Management and Self-Assessment guide (TMSA3) in April 2017. As of 1 January 2018, this will replace the TMSA2 and tanker owners will be required to follow the new self-assessment procedure. 

So are there any major changes? 

Well actually, yes. The latest TMSA version introduces an entirely new element – Maritime Security (element 13). The new element aims “to establish and maintain policies and procedures in order to respond to and mitigate identified security threats covering all company activities including cyber security.”

In complying with the aim, security plans should be put in place, which also address cyber security risks, and should cover shored-based locations, vessels and personnel. 

Are there any tools available to help tanker members comply with the Maritime Security element?

Yes, resources are available and the best thing is they are free!

IET Standards in conjunction with the Department for Transport have created a comprehensive code of practice for cyber security onboard ships. This code follows on from previous work the Department for Transport has done on port cyber security.

Additionally, an industry working group (which included OCIMF) have created Guidelines on Cyber Security onboard Ships. 

What other changes are there?

Elements 6, 6A and 10 have all had revisions, with element 10 now incorporating the OCIMF Energy Efficiency and Fuel Management paper that had previously been a supplement to TMSA2. Additionally TMSA3 also has 19 more KPIs than TMSA2 showing the focus on continuous improvement.

SOURCE : UK P&I CLUB

ARTICLE AUTHOR

Amanda Hastings