Epsco Ra announce RaEDR, the Next Generation Cyber Security Management concept for the Maritime Industryy design digital platforms and compliance to GDPR.

July 22, 2020 GDPR

Maritime Cyber Security experts, Epsco Ra are proud to announce RaEDR (RA Endpoint Detection and Remediation) a comprehensive cybersecurity monitoring and defense solution.

Inspired by the necessity for remote working brought about by the COVID 19 pandemic and the resulting huge worldwide increase in cyber-attacks, Epsco Ra have developed a new next-generation solution in the form of a cloud-hosted application which functions as an agent on each computer in a network (or on a UTM when possible).

Epsco Ra’s solution is easily installed on any vessel or office network, without any requirement for hardware and with no disruption to existing network or system installations.

The agents provide in-depth visibility of the system’s security posture, offering security monitoring, intrusion & threat detection, file integrity monitoring, vulnerability assessment, and incident response.

The system includes Compliance alignment with controls allowing full configuration with Governance frameworks inclusive of but not limited to NIST and GDPR.

This is all managed via an extensive user-customizable dashboard with reporting and alerting tools.

RaEDR gives our clients peace of mind in the knowledge that they have their own professional cybersecurity team without the cost of employing an in-house team.

Epsco Ra’s RaEDR service offers our clients 3rd party assurance from as little as US$25.00 per month per vessel.
Source: maritimecyprus

Anglo-Eastern brings Naval Dome on board to boost vessel cyber resilience

October 25, 2019 CYBER SECURITYMARITIME CYBER SECURITY

Shipmanager Anglo-Eastern has inked a Memorandum of Understanding with Naval Dome for the provision of cyber security research and consultancy services, aimed at ensuring the continued cyber resilience of its fleet of more than 650 vessels.

Naval Dome will carry out an evaluation of the company’s cyber position, perform penetration testing and make recommendations, where necessary, on how systems can be better protected.

“Cyber threats are amongst the most serious challenges the global shipping industry faces and we share Naval Dome’s view that the industry at large must do more to protect itself,” said Capt. Bjorn Hojgaard, CEO of Anglo-Eastern.

“The MoU we have signed aims not only to enhance the level of security across our fleet, but to also encourage system providers to retrofit systems installed aboard the global fleet with more advanced cyber protection.”

As part of the agreement, Anglo-Eastern will also engage Naval Dome to collaborate with equipment manufacturers and technology service providers and push them to incorporate more effective security systems into shipboard equipment.

“We are delighted to sign this cooperation agreement with Anglo-Eastern,” said Naval Dome CEO Itai Sela.

“All ships must operate with equipment capable of preventing the most sophisticated of attacks from penetrating critical systems. As such, we believe that all players – ship owners, ship managers, offshore operators, and OEMS – need to collaborate more on how best to cost-effectively eradicate the problem once and for all. We hope equipment suppliers will step up to the challenge.”

Maritime Cyber Security Is A Technical Issue Not A Human One, Says Sela

September 26, 2019 CYBER SECURITYMaritime Safety News

Maritime Cyber Security – Naval Dome CEO Itai Sela says that while it is true that the inadvertent downloading of a computer virus from the internet or a memory stick is a serious cyber security issue for shipping companies, the industry should be wary of attributing system breaches to human error.

In agreement with comments made yesterday in Dubai during a Cyber Risk and Data Theft seminar, that cyber security is still considered by shipping companies and terminal operators as an after-thought, Sela does not agree that better cyber awareness, crew training or the implementation of crew guidelines alone will have a lasting positive effect.

“When the cyber-criminal will always need the unwitting assistance of an unsuspecting crew member, technician or employee to activate or spread the virus, irrespective of the level of their cyber training or awareness, it is not enough to put it under the ‘human factor’ umbrella or apportion individual blame when a critical system has been breached.

“A cyber incident happens because systems are not protected, and hackers will continue to develop innovative ways and sophisticated solutions intended to take advantage of any weak spots in human nature. The implication, therefore, is that any cyber awareness training is a waste of time and money.”

The sophisticated methods hackers use is evident by the deployment of a new, previously unknown malware trojan called xHunt, which researchers at Palo Alto Networks’ Unit 42 say is being used to specifically target the shipping industry. It is alleged that xHunt and Hisoka – a backdoor used to facilitate trojan delivery – were successful in infiltrating the networks of two shipping companies operating out of Kuwait.

“The attackers have added some fun capabilities to Hisoka and its associated toolset. The attackers are aware of probable security measures in place at their targets and have attempted to develop ways to get in undetected,” Ryan Olson, Vice President of threat intelligence at Unit 42, told ZDNet.

Given that hackers will always find a way in, Sela believes attributing blame to individuals is pointless. It is also problematic because of the potential legal proceedings envisioned should a virus result in damage to the ship, its systems, personnel or the environment.

Maritime Cyber Security !

“It would be very easy to point the finger at an individual crew member, technician or employee for inadvertently spreading malware or other viruses, but this would not prevent further system breaches. What it will do is create unnecessary friction between employers and employees.”

He adds that limiting crew members’ access to the internet, social media or mobile phone charging facilities will also create problems.

“Prohibiting internet access is not the answer. This is now considered a basic human right and with many seafarers away from loved ones for months at a time, if they are unable to maintain regular contact with those at home, then not only could it adversely affect their well-being but deter others from a maritime career.”

Sela says the maritime sector – shipping companies and port operators – needs to adopt technical solutions to prevent system hacking, rather than simply implementing a culture change.

Recalling incident where a Mobile Offshore Drilling Unit lost control of its Dynamic Positioning system while drilling in the Gulf of Mexico, Sela says the investigation found that various crew members introduced malware when they plugged in their smart phones, and other devices.

“Would this have been considered human error if the DP and associated OT systems were adequately protected and the hack thwarted? I doubt it. If cyber-crime continues to be designated a human factor event, then the industry does not fully grasp the cyber problem.”
Source: Naval Dome

Lloyd’s Register has acquired cyber security specialists Nettitude.

April 4, 2018 CYBER SECURITY

cyber security in maritime

Cyber security is on the boardroom agenda as organisations worldwide seek to improve their resilience against a backdrop of high-profile, and increasingly sophisticated cyber-attacks. The number of breaches is up an average 27.4% year on year1 and 86% of companies around the world reported experiencing at least one cyber incident in 2017.

Founded in 2003, Nettitude is an award-winning provider of cyber security, compliance, infrastructure and managed security services to organisations worldwide and employs 140 cyber security specialists globally.

The acquisition strengthens LR’s existing broad portfolio of cyber security services spanning certification, compliance, training, auditing and security consulting to now include penetration testing, information security consulting, managed security services and incident response. Together, Nettitude and LR now provide a complete suite of cyber security assurance services to help clients identify, protect, detect, respond and recover from cyber threats.

cyber security in maritime

The need for cyber security solutions and growth in cyber security is driven by three broad areas:

  • Industry 4.0 [IR4]
    • As we move towards a more automated, integrated and interdependent, data driven economy, the risk of cyber-attack increases.
  • Cyber-attacks are non-discriminatory
    • Cyber-attacks are now targeting a broader spectrum of industries and companies – irrespective of their size and geographical location.
  • Regulatory
    • The regulatory focus on cyber security is increasing, with wide-ranging compliance requirements against standards, schemes and local legislation.

Alastair Marsh, Chief Executive Officer, Lloyd’s Register commented: “This is an important acquisition for Lloyd’s Register to enhance our capability in assuring the increasingly complex supply chains in which we operate.  Information and operational technology security is a key concern for our clients across all sectors, as we see increasing dependencies on technology and challenges created by Industry 4.0.”

 

SOURCE : LLOYD’S REGISTER – CLICK TO READ VIEW ARTICLE

Newer Posts

News

Quick Menu

Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED