Marco (Marc) Ayala is a process automation professional with more than 25 years of experience working in petrochemical facilities where he designed, implemented, and maintained their process instrumentation, automation systems, and process control networks. Currently the director and ICS cybersecurity section lead at 1898 & Co. (part of Burns & McDonnell), Marco has expertise with safety systems, advanced process control, enterprise historians, and industrial network security where he worked with enterprise IT to implement a corporate PCN security solution. He is active in cybersecurity efforts for the oil and gas, maritime port, offshore facilities, and chemical sectors, working alongside federal, local, and state entities for securing the private sector.

Marco is very active in ISA and has been a member for about 20 years. He is now a senior member and a certified cyber instructor for ISA. He sits on the Safety and Security Division (SAFESEC) committee and is their liaison to the ISA Global Cybersecurity Alliance. He is also the membership chair of the Smart Manufacturing and IIoT Division (SMIIoT).

“Safety, security, and digitalization are all so important,” Marco says. “There’s just so much to do.”

His activities outside of ISA also dovetail with his drive to contribute in these areas. Marco is the Sector Chief for the Maritime Domain Cross Sector Council (CSC) with InfraGard. He is a member contributor of the AMSC Gulf of Mexico (GOM) cyber panel, as well as the chair of the cybersecurity subcommittee of AMSC. Marco served on the working group that developed the “Roadmap to Secure Control Systems in the Chemical Sector” in 2009.

Source: blog

The topic of cyber threat intelligence (CTI) occupies roughly a third of the NMCP. It also generates a significant divergence of opinion among maritime cybersecurity experts.

Carter, who also serves on the Board of Directors for the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC), says that relationships he has established with members of the MTS-ISAC community, along with the contacts he was able to establish at DEF CON Hack the Sea, have become invaluable, and that they are finding successes working with each other.

“We are now seeing localized information exchanges launch that feeds into the larger MTS-ISAC, which will only better protect the maritime sector. I have personally shared half-million elements over five years,” he noted.

Dr. Kessler, on the other hand, says that there’s a need for better and more uniform information sharing of cyber intelligence.

“The ISAC/ISAO model is wonderful if you’re a member. In the late 1990s, the ISACs freely shared information. Today, the model is that you have to pay to be a member. I fully understand that the ISCAs need to be funded but the entire maritime transportation system is at risk, and that includes small operators, small manufacturers, and so on,” he added.

In a section on “Information and Intelligence Sharing”, the NMCP recognizes that “organizations such as Information Sharing and Analysis Centers provide a pathway to share information across the private and public sector coordinating Councils.” It also points out, however, that “multiple private sector entities claim to be the information-sharing clearinghouse for MTS stakeholders. Overlapping membership across cybersecurity information sharing organizations creates barriers to efficiently inform MTS stakeholders of maritime cybersecurity best practices or threats.”

An additional consideration is that not all organizations in the sector are at a sufficient state of cybersecurity maturity to leverage access to CTI. Organizations that do not have adequate understanding of their environment or capabilities to monitor their network and respond to events when they are detected are unlikely to benefit from access to third-party intelligence products. Those limited resources may be better dedicated to basic cybersecurity hygiene and workforce development.

Source: helpnetsecurity

Marco (Marc) Ayala is a process automation professional with more than 25 years of experience working in petrochemical facilities where he designed, implemented, and maintained their process instrumentation, automation systems, and process control networks. Currently the director and ICS cybersecurity section lead at 1898 & Co. (part of Burns & McDonnell), Marco has expertise with safety systems, advanced process control, enterprise historians, and industrial network security where he worked with enterprise IT to implement a corporate PCN security solution. He is active in cybersecurity efforts for the oil and gas, maritime port, offshore facilities, and chemical sectors, working alongside federal, local, and state entities for securing the private sector.

Marco is very active in ISA and has been a member for about 20 years. He is now a senior member and a certified cyber instructor for ISA. He sits on the Safety and Security Division (SAFESEC) committee and is their liaison to the ISA Global Cybersecurity Alliance. He is also the membership chair of the Smart Manufacturing and IIoT Division (SMIIoT).

“Safety, security, and digitalization are all so important,” Marco says. “There’s just so much to do.”

His activities outside of ISA also dovetail with his drive to contribute in these areas. Marco is the Sector Chief for the Maritime Domain Cross Sector Council (CSC) with InfraGard. He is a member contributor of the AMSC Gulf of Mexico (GOM) cyber panel, as well as the chair of the cybersecurity subcommittee of AMSC. Marco served on the working group that developed the “Roadmap to Secure Control Systems in the Chemical Sector” in 2009.

The study is global, yet split into 7 regions: Africa, Asia-Pacific, Central Asia, Europe, Latin America, the Middle East, and North America. It includes the top 100 ports based on twenty-foot equivalent units (TEUs) handled, corroborated for 196 countries.

The shipping industry is responsible for about 90% of global trade by volume. Governments prioritize the safe and secure transportation of goods, including from land to sea at port sites, to ensure economic stability and growth.

Ports are regarded as national infrastructure and are both a potential terrorist target and an entry point for terrorists; still, persistent threats (the illegal movement of individuals, weapons, drugs, or other illicit materials) are often higher on the risk register than terrorism-related threats because they are more common and cause greater losses or damage to port operations. Concerns about persistent threats are primarily behind the push to enhance security technology at ports, with the West taking tougher stances on border control to stem the tide of illegal immigration.

This research assesses the global maritime port security market through the identification of market trends, drivers and restraints, key technologies, and main developments by region. An examination of notable projects and investments will identify areas of considerable growth and opportunities for security providers. The focus is on the land-side security of a port; the study excludes ship onboard security technologies, automatic identification systems, and vessel traffic services and systems.

Technologies include access control and identity management, C2, communication equipment, cybersecurity, data analytics and storage, fire equipment, screening and detection, surveillance, vehicles and platforms, personal protection gear, and managed services.

Source: globenewswire

Take up of cyber insurance in the marine sector to date has been slow, but that’s bound to change.

One key reason is that the maritime industry is changing rapidly, said Dieter Berg, head of marine business development for Munich Re.

“Until recently, ships were isolated, and the logistics process was not technologically advanced. This market is changing very quickly to digital communications and connectivity.”

Those changes include more than just electronic navigation and communication, they extend to smart containers and real-time logistics routing and scheduling.

“This digitalization changes the risk profile for the marine industry,” said Andreas Schlayer, senior cyber underwriter for Munich Re. “The more an operation is electronic, the more the dependence on data changes the risk profile and the behavior.”

Source: riskandinsurance

After the Japanese attacked Pearl Harbor, the Goodyear blimp Resolute was put into service spotting enemy submarines. There’s a lesson for 21st-century cyberwarfare.

The Constitution gives Congress the power to issue “letters of marque and reprisal”—essentially licenses authorizing private parties to wage war on the government’s behalf. Congress issued letters of marque liberally until the end of the War of 1812, and they were particularly useful during the First Barbary War (1801-05). The fledgling U.S.’s fleet of six frigates couldn’t stem piracy alone. Letters of marque enlisted U.S. merchantman as far away as the Mediterranean, where Barbary states often provided pirate ships with safe harbor. In the typical 19th-century use, Congress issued letters of marque to schooners and sloops, giving their operators the authority to sink or capture pirate ships by force.

Source: wsj

TSUNEISHI SHIPBUILDING of Japan is the latest company to be confirmed as implementing shipbaord data collection operations using the IoS-OP (internet of Ships open Platform) framework, for a newbuild bulk carrier currently under construction.

IoS-OP is an open platform that enables the sharing of vessel operations data among shipbuilders, manufacturers, and related service providers based on a set of data sharing rules agreed by all stakeholders.

TSUNEISHI will operate within this framework to collect actual operational data for the newbuild ship, so that the data collection infrastructure is integrated into the 82,000DWT bulk carrier’s operational systems from the sea trial stage.

The data to be collected includes draft and shaft horsepower, fuel consumption and power consumption from the main engine, generator, and auxiliary machinery, as well as information from the Voyage Data Recorder (VDR). In total, some 800 items will be included in the data collection process.

The collected data will be shared between the shipyard and shipowner through the ‘ShipDC Portal’, provided by ShipDC on behalf of the IoS-OP, and will be utilised for the development of new ship types based on an enhanced understanding of machinery condition and evaluation of the ship’s performance.

Source: smartmaritimenetwork

Netbull participates as Gold Sponsor in the online “Maritime Cyber-Security & Safety Conference” organized by BOUSSIAS Communications and netweek, that will take place on Thursday 20th of May 2021.

At the 1st section of the Conference subjeted: Cyber Safety Awareness – One step beyond (10:05 – 12:30), Mr. Nikitas Kladakis – Information Security Director of Netbull at his presentation titled:

“Zero Trust Architecture: A new era in Maritime Security”

will analyze the way, the tools, the architectures and the technologies that our company uses for data breach detection in shipping companies environments. Our effort is assisted by the adoption of Zero Trust Architecture and the use of Automation and Artificial Intelligence technologies, which are independent of where the IT (Information Technology) and OT (Operational Technology) environments are located.

Source: netbull

Dryad and cyber partners RedSkyAlliance continue to monitor attempted attacks within the maritime sector. Here we continue to examine how email is used to deceive the recipient and potentially expose the target organisations.

“Fraudulent emails designed to make recipients hand over sensitive information, extort money or trigger malware installation on shore-based or vessel IT networks remains one of the biggest day-to-day cyber threats facing the maritime industry.”

Dryad Global’s cyber security partners, Red Sky Alliance, perform weekly queries of  backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.

With our cyber security partner we are providing a weekly list of Motor Vessels where it is observed that the vessel is being impersonated, with associated malicious emails.

The identified emails attempted to deliver malware or phishing links to compromise the vessels and/or parent companies.  Users should be aware of the subject lines used and the email addresses that are attempting to deliver the messages.

Those who work in the security industry can quickly identify the suspicious aspects of these emails, but the targets often cannot. Even if attackers can only get 10% of people to open their malicious email attachments, they can send thousands out in a day using similar templates resulting in hundreds of victims per day. They can also automate parts of this process for efficiency. It is critical to implement training for all employees to help identify malicious emails/attachments. This is still the major attack vector for attackers looking to attack a network. These analytical results illustrate how a recipient could be fooled into opening an infected email. They also demonstrate how common it is for attackers to specifically target pieces of a company’s supply chain to build up to cyber-attacks on the larger companies. Doing so could cause the recipient to become an infected member of the maritime supply chain and thus possibly infect victim vessels, port facilities and/or shore companies in the marine, agricultural, and other industries with additional malware.

Source: channel16.dryadglobal

Aong focused on mitigating physical risks such as piracy, the maritime shipping industry is currently grappling with a new challenge: how to respond to a dramatic spike in cybersecurity threats.

From February to June 2020, cybersecurity consulting firm Naval Dome documented a 400% growth in attempted hacks against maritime targets. Driven by increased numbers of remote access paths onboard vessels and the convergence of new information technology (IT) targets into traditionally operational technology (OT) environments — as well as the perceived value in targeting an industry that carries nearly 90% of the world’s trade — these attacks represent a serious new threat to the backbone of global commerce.

“This convergence is increasingly more pervasive because of the nature of digitalization trends, like using onboard sensors and tracking data off operational systems for predictive maintenance purposes, that open more attack surfaces on the IT side that can enter into the OT environments,” said Don Ward, senior vice president of Global Services at Mission Secure, a global provider of OT cyber-protection solutions. “We frequently see that clients think they have certain portions of their system on islands – inevitably, in every assessment we find a backdoor into these environments.”

It’s a balancing act that all digitally maturing industries face: deriving efficiency gains from integrating today’s latest technology while limiting the potential vulnerabilities from doing so. The maritime sector is still catching up to its aerospace and automotive counterparts in implementing modern cybersecurity best practices, but malicious actors will not be waiting idly for it to arrive there.

Source: tsi-mag