The CEO of Liverpool Seafarers Centre has called on the shipping industry to make COVID-19 vaccinations compulsory for seafarers.

At present, the shipping companies and crewing agencies who supply workers to their vessels recommend that crew members be vaccinated, but vaccinations are not mandatory.

John Wilson of the LSC says the welfare of seafarers must come first. “If you have been vaccinated, the likelihood of serious illness or death is limited. It’s not eroded completely, but the chances of you dying or having to be hospitalised are reduced greatly, as is the case for everyone,” he said. “It is a sensible way forward”.

“The underlying message at the moment is that if you’re not vaccinated, you will not be employed, but they haven’t made it mandatory. However I believe it is going to become mandatory from a continuation of employment point of view.”

SOURCE READ THE FULL ARTICLE

https://safety4sea.com/liverpool-seafarers-centre-crew-vaccinations-should-be-compulsory-to-protect-lives/


The State of California and the Port of Los Angeles are providing $12 million in funding to AltaSea, a nonprofit corporation, to fund the construction of a new blue economy ocean research and development centre.

Berth 58 – the site of the initial 60,000 square feet of the planned 180,000 feet of the Center of Innovation at AltaSea – will be the first fully renovated structure on AltaSea’s 35-acre campus at the Port of Los Angeles.

The centre will house ocean-focused businesses specialising in sustainable aquaculture, offshore renewable energy, and underwater robotics. Construction is expected to commence by mid-2022 and be completed in the first half of 2023.

AltaSea’s signed anchor tenants include the University of Southern California, the Southern California Marine Institute (made up of 23 universities, colleges, and institutes), Braid Theory, Holdfast Aquaculture, Montauk Technologies, and Pacific Mariculture.

Also among the tenants is the Ocean Exploration Trust (OET) and the research vessel Nautilus, which docks at AltaSea. OET has plans to build a 10,000 square foot interactive research and educational centre at AltaSea.

“AltaSea’s focus on the rapid growth of the blue economy adds a new dimension to our pursuit of sustainable solutions and expands the diversity of jobs across our port ecosystem,” said Port Executive Director Gene Seroka.

“The blue economy will not only provide workers with pathways to sustain and grow their professional and personal lives, but these jobs will allow them to be a crucial part of the solution to some of the world’s most challenging issues, including climate change.”

SOURCE READ THE FULL ARTICLE

$12m in funding for LA ocean research and development centre


A remotely operated harbour tug developed by Keppel Offshore & Marine has become the first such vessel in the world to receive the Remote Control Navigation Notation from class society ABS.

A trial of the 65-metre tug, controlled from a remote location at the Maritime and Port Authority of Singapore’s Maritime Innovation Lab, was successfully performed in April 2021. The second phase of the project, scheduled for late 2021, will see the vessel perform autonomous collision avoidance tasks while under remote supervision. The Maju 510 tug is owned and operated by Keppel O&M’s joint-venture company Keppel Smit Towage.

“As the overall system integrator, Keppel O&M is able to provide technology solutions and integrate best-in-class systems to offer customisable remote and autonomous functions for vessels,” said Tan Leong Peng, Managing Director (New Builds), Keppel O&M.

“With the offshore and marine sector evolving rapidly, we are leveraging our engineering expertise and harnessing advanced technologies to stay at the forefront of the industry. In line with Keppel’s Vision 2030, we are also collaborating with the Keppel ecosystem of companies, such as M1 with its connectivity solutions, to enhance our value add.”

ABS recently published its Guide for Autonomous and Remote-Control Functions, which introduced the REMOTE-CON notation and another recognising autonomous functions. The Guide sets out a goal-based framework for the implementation of these technologies on vessels and offshore units.

The Guide’s goal-based framework also covers interactions with relevant stakeholders such as port authorities and other vessels, using a risk-based approach to determine the requirements for the assessment and implementation of autonomous and remote-control functions.

SOURCE READ THE FULL ARTICLE

Keppel O&M tug granted remote control notation


Daewoo Shipbuilding & Marine Engineering (DSME) has been awarded a CyberSafety Product Design Assessment (PDA) for its DS4 Smart Platform by classification society ABS.

“We are pleased to have earned the ABS CyberSafety PDA to demonstrate the security of our DS4 Smart Platform. Digitalisation of fleet data is of benefit to owners and allows for condition-based maintenance strategies to be developed without increasing cyber security risk,” said Choi Dong Kyu, DSME Executive Vice President.

The DS4 Smart Platform collects data from equipment and systems on board a vessel for processing and visualisation to provide operational information to the ship operator. The ABS CyberSafety PDA process included a review of the system’s vulnerabilities listed in the vendor report and verification of mitigation measures undertaken during type testing.

“Increased levels of connectivity and reliance on more digitally-enabled systems introduce risks into the maritime supply chain and downstream owners,” said John McDonald, ABS Executive Vice President and Chief Operating Officer.

“Addressing risk in the supply chain allows the owner to mitigate potential negative impacts when that equipment is integrated on board vessels or offshore asset. The ABS CyberSafety PDA gives the owner installing the system confidence that the known vulnerabilities can be managed to minimise the impact on the vessel’s cyber security posture, while providing useful operational information.”

SOURCE READ THE FULL ARTICLE

DSME data platform completes ABS cyber assessment


Jan De Nul Group has moved its entire fleet of 82 vessels and jack-up barges to a new connectivity set-up, rolling out VSAT from Castor Marine with Iridium L-band back-up following the agreement of a long-term contract.

The Group managed to successfully migrate 98% of the fleet within three months of signing the deal, with up to six migrations taking place per day, the companies said.

The vessels have implemented a tailored VSAT system, with quality of service specified on the VLAN level. Bandwidth can be scaled up as required, based on ad hoc demands from each vessel.

Along with the VSAT and Iridium services, Castor Marine delivered 15 new Sailor 900 VSAT antennas and Sailor 4300 Iridium Certus antennas to replace existing hardware onboard. For the newbuild offshore jack-up installation vessel Voltaire and the offshore heavy lift vessel Les Alizés, Castor Marine supplied a set of antenna systems from the recently launched Sailor 1000 XTR VSAT range, including below deck equipment.

“It is nice to work with an agile and technically advanced partner. Flexibility is very important to Jan De Nul to cater for temporary project upgrades and downgrades. Castor Marine monitors these developments and communication lines are very short. We attach great importance to mutual trust. So far, everything is going as desired with our new Ku- and L-band supplier,” said Nils Crabeel, Communication Manager at Jan De Nul Group.

SOURCE READ THE FULL ARTICLE

Jan De Nul moves fleet to new connectivity system


Intellian has signed a new contract worth 71.1 billion won (approx. $61 million) with satellite operator SES, to build antennas for the O3b mPOWER medium Earth orbit (MEO) satellite network, to be located 8000 km above the Earth’s equator.

The deal covers antennas for both terrestrial and marine use in various sizes.

SES plans to introduce the O3b mPOWER service in the first half of next year, launching additional satellites to supplement its existing O3b service.

The new satellite network is expected to provide communication services between 50Mbps and 20Gbps using the Ka-band frequency, through a total of 20 medium-orbit communication satellites located 8000km above the Earth’s equator.

 

SOURCE READ THE FULL ARTICLE

Intellian to build SES MEO antennas in $61m deal


actively exploited in the wild.

Apache Software Foundation has released HTTP Web Server 2.4.51 to address an actively exploited path traversal vulnerability (CVE-2021-41773) that was only partially addressed with a previous release.

An attacker can trigger the flaw to map URLs to files outside the expected document root.

“A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root.” reads the advisory. “If files outside of the document root are not protected by “require all denied” these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts.”

The vulnerability affects only version 2.4.49, earlier versions are not impacted. A few days ago, Apache released Apache HTTP 2.4.50 to address the CVE-2021-41773

Immediately after the release of the Apache HTTP 2.4.50 experts disclosed that the exploitation of the flaw could lead to remote code execution when the mod_cgi module was loaded and the default “Require all denied” option was missing.

According to an updated advisory, Apache released version 2.4.51 to definitively fix the vulnerability. This new path traversal flaws is tracked as CVE-2021-42013.

“It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives,” announced Apache in an updated advisory. “If files outside of these directories are not protected by the usual default configuration “require all denied”, these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution.”

The vulnerability was reported by Juan Escobar from Dreamlab Technologies, Fernando Muñoz from NULL Life CTF Team, and Shungo Kumasaka.

The United States Computer Emergency Readiness Team (US-CERT) warns of ongoing active scanning of Apache HTTP Server CVE-2021-41773 and CVE-2021-42013 that could lead to imminent exploitation, for this reason, the US-CERT urges organizations to immediately patch their installs.

 

SOURCE READ THE FULL ARTICLE

Apache rolled out a new update in a few days to fix incomplete patch for an actively exploited flaw


The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Cyberespionage and sabotage attacks, and also ransomware attacks against critical infrastructure and government offices will trigger the response of the Dutch authorities, explained Ben Knapen, Dutch Minister of Foreign Affairs.

 

ransomware

The Dutch Minister added that the response to severe cyber attacks could be escalated, an attack against a critical response will require the rapid reply of the cyber defense, a response that disregards diplomatic relations between the countries involved.

Knapen highlighted the difficulty of attributing a ransomware operation to a specific threat actor, it explained that it is very complex to demonstrate that a non-state actor carries out the operation on the explicit instruction of or under the control of a state. As a result, the legal attribution of an act of a non-state actor to a state is usually not easy.

“For several years, the threat of ransomware attacks has been increasing around the world. A broad explanation of this threat is included in the Cyber Security Assessment Netherlands (CSBN) 2021, which was shared with the Chamber in June by the Minister of Justice and Security. One of the conclusions of CSAN 2021 is that cybercrime can affect national security if an attack causes massive damage, for example by disrupting vital processes. In a number of cases, cybercriminals enjoy the protection of the state from which they operate or there is cooperation.” Knapen wrote in a letter to the Dutch Parliament. “Due care principle In situations where attribution appears not to be possible in a legal sense, it may be desirable to look into a possible violation of the due care principle in the context of state liability law. The principle of due care means that states are expected to take into account the rights of other states when exercising their sovereignty. States have a duty to act when they have knowledge of the use of their territory in a way that harms the rights of a third state. Failure to comply with this obligation is a violation of an international law obligation.”

 

SOURCE READ THE FULL ARTICLE

https://securityaffairs.co/wordpress/123113/security/the-netherlands-war-ransomware-operations.html?utm_source=rss&utm_medium=rss&utm_campaign=the-netherlands-war-ransomware-operations


There has never been a more important time to listen. “Seek first to understand,” is a lesson I picked up early in my career that has generally proved effective in many situations as a leader, colleague and employee. (Not to mention at home as a partner, father, and friend; it’s a versatile maxim.) Eighteen months into this pandemic, given that the experience and effects of COVID-19 are simultaneously something that is universally shared and individually experienced, it’s more useful than ever to listen before you leap.

I have found the most rewarding moments are when you listen not just as a leader but also as a learner. With so many sources of education available, it’s tempting to gloss over the one right in front of you: your team.

Here are four examples where I recently learned from the people I lead. And remember, it doesn’t have to be a new piece of information to count as learning; the point is to be ready to adapt to something new.

1. Create a safe space

Demonstrate that you can hold a safe space for any kind of conversation. Be emotionally, mentally, and physically present (if you’re on video) to focus on the person in front of you, and what they want to talk about. Someone recently thanked me for creating a safe space after a conversation about a path to promotion, and while my initial response was to reply, “It’s a pleasure and it’s my job,” it made me think that if such a seemingly standard discussion requires a safe space, what about all the conversations currently not being had about more potentially sensitive topics?

It made me think about additional conversations we should be having about mental health, grief, anxiety, uncertainty, being overwhelmed, handling the return to work, among many others. As leaders, we must find ways to build trust and provide opportunities for our teams and colleagues to thrive.

2. Encourage open conversations

One of the ways to encourage more open conversation is to lean in. A usual weekly one-on-one coaching meeting recently opened with “How are you doing?” When I answered “Good!” the question came back, “How are you really doing?” I must have looked tired, maybe it was a Monday, either way it was an excellent question. It caught me off guard, as I was not really “Good,” rather more “Meh,” and we proceeded to have a really honest, open, authentic conversation both about some minor irritants I had experienced that day, and the importance of talking about such things together.

We are undergoing a seismic shift in our professional, social, and family lives. It’s one thing to say that “It’s OK to not be OK.” It’s quite another to model how this should work in practice. It’s OK to say you are not OK. Gently pressing on a topic in a non-confrontational way, perhaps with a time-bound get-out clause, can really open up a valuable discussion. The simple, but powerful, question: “How are you really doing, today?” Might help someone let off a little steam about current events and avert an explosion caused by bigger issues.

3. Get to know your team all over again

It can be hard to calibrate how much social interaction to try and foster as a distributed team all stuck WFH; weekly happy hours in crazy hats seems too much, never seems too distant. It’s impossible to get right, and it’s vital to try.

During a recent team discussion, someone randomly asked a teammate, a former Wall Street trader, about his opinion of our quarterly earnings call. The person asking the question did not know about his finance background, despite having been colleagues for almost two years. Once all the jokes had died down and we had agreed to stage a version of Mad Money on a subsequent team call, it made me think about all the connections that could break unless we protect them, such as small pieces of personal information that would get shared in an office or at a dinner, that help build familiarity (and inform team jokes and rituals).

Leaders need to find time for these group interactions and for one-on-one meetings that are more than just status updates. Another colleague advocates setting up quick introductory Webex meetings with people she meets in peripheral situations through the course of work to get to know them better, with no agenda except networking. Two years ago, I might have dismissed this as a distraction; now I think it’s vital and I do the same.

4. Listen to the most important member of the team: you

Whether you’re the leader, or the loudest person, or the longest-serving team member who everyone goes to for advice; whoever you are, check in with yourself. Make like a parent on a plane who is told to put their own oxygen mask on before attending to their family in case of emergency.

Self-care takes many forms and it’s worth remembering it can be as simple as taking one big meaningful breath. It could be the first breath of the morning, or between meetings to help context shift, or in the middle of a frustrating moment to help avoid being overwhelmed or when you walk out of your door for exercise. Whatever it is, whenever during the day it is, focus on your breath, fill your lungs to bursting, be in the moment, realize that there is always something to be grateful for (even if the only thing you can think of is the breath you are currently experiencing) and shut out the noise. Hold that breath for a moment, then a moment longer and then, as you exhale, let something go. Say goodbye to a worry or a negative thought and turn your mind toward things you’re grateful for.

I am grateful for the team I get to work with every day, and I love learning from them about how we can focus on the present, reflect on our past, and plan for our future.

At Cisco, we are leading a more inclusive future for all. To learn more about our open positions around the world, click here.

 

SOURCE READ THE FULL ARTICLE

https://blogs.cisco.com/security/4-keys-to-create-a-thriving-cybersecurity-team-for-long-term-success


Seably has launched a dedicated and comprehensive cybersecurity awareness training course for the maritime sector in collaboration with marine insurance providers Alandia and maritime cybersecurity specialists Deductive Labs.

Sensitive to the complex vulnerabilities within the maritime industry, the dedicated courses have been structured with in-depth content specifically developed by Deductive Labs in line with the established standards and regulations. The virtual training is practical and fulfils all maritime requirements. It provides hands-on instruction and is easily accessible and available both online and offline. Upon completing the training, both participants and shipowner organisations will receive the required certifications for IMO and ISM Code compliance for onboard audits.

The Maritime Cyber-security Awareness Training is suitable for all levels of seafarers. It brings together the understanding of the risks, culture and behaviours — onboard and onshore — with the tasks and technology necessary to protect systems, networks, programs, devices, and data from the increasing malicious cyber-attacks.

Johan Sjölund, business development manager for Deductive Labs said: “When designing these courses, we included specialised material that we know from experience creates the right frame of mind. Our goal is to eliminate weaknesses and vulnerabilities at all levels and within all systems. Cybersecurity is a complex reality. However, with over 15 years of security knowledge and experience in this field, we are confident that this bespoke training improves cybersecurity and goes beyond the specified regulations .”

Martti Simojoki, senior loss prevention manager at Alandia, confirmed their approval and collaboration of the superior quality of instruction contained within these courses. “We have integrated our expertise in pro-active maritime security management and loss prevention with the practical, hands-on and in-depth knowledge of Deductive Labs. We are confident that this new course, now available on the Seably platform, is one of the few recommended and complete learning systems within the maritime sector.”

The introduction of this maritime training adds to the range of specialised content available within the Seably marketplace. Andrea Lodolo, CEO of Seably, said: “Unfortunately, cyber-attacks are on the increase. They are constantly evolving and becoming more common. An attack on a vessel’s critical systems could easily threaten the safety of a ship as well as the business of shipping. No one within our sector can ignore this risk. We are introducing this complete and timely package of training courses to strengthen on-shore and on-board defences. These will equip ship owners and personnel with the required knowledge and skill-sets to ward off cyber threats.”

SOURCE READ THE FULL ARTICLE https://www.thedigitalship.com/news/maritime-satellite-communications/item/7315-seably-launches-virtual-cybersecurity-training-course


Company DETAILS

SHIP IP LTD
VAT:BG 202572176
Rakovski STR.145
Sofia,
Bulgaria
Phone ( +359) 24929284
E-mail: sales(at)shipip.com

ISO 9001:2015 CERTIFIED