Riviera Media features a discussion on cyber threats and security for the tanker sector of the maritime industry by Julian Clark, Global Senior Partner at Ince. “The lack of adequate protection is particularly prevalent in relation to cyber-attacks on on-shore and on-vessel operations technology (OT) networks and control systems, as just 42% of organisations protect their vessels from OT cyber threats.”

Clark covers the current state of the industry, insurance considerations, potential consequences, including legal, and the ongoing efforts to achieve compliance and security.

“Tanker operators and managers are not sufficiently protected by being compliant with the new regulation – this is a ‘level-one solution to a level-four threat’ – accordingly, a tick box approach to compliance is far from sufficient.”

Julian Clark, Global Senior Partner at Ince

Source: missionsecure

The British Ports Association and the UK-based risk management firm Astaara have released a new study on the wave of cyberattacks seen by maritime stakeholders over the past four months.

In one high profile attack in May, computer systems at Iran’s Shahid Rajaee port facility at Bandar Abbas, creating traffic jams and serious operational disruption. Astaara believes that the attack came in direct response to a failed Iranian cyberattack on an Israeli water facility in April. (Iran has denied any involvement in the earlier incident.) U.S. officials told the Washington Post that Israeli forces orchestrated the retaliatory hack on Shahid Rajaee.

While attacks from criminal groups are far more common than suspected state-sponsored hacking, the overall upward trend is driving increased interest in security, according to Astaara. “Now, more than ever, the advantages of [digitalization] should be capable of being realized, but only if the corresponding management resilience and recovery plans are in place and practiced,” said Robert Dorey, CEO of  Astaara. “Processes need to be continually reviewed and updated as necessary, training provided, and new approaches to monitoring assessed and adopted.”

He noted that the new remote-work alternatives to standard operations like surveys and marine superintendent spot inspections have created new vulnerabilities for shipowners. Remote working has been identified as a major risk for security, as the attack surface is broadened.

Criminals realize this and do not care about the human cost of Covid-19, or their crimes. They are not interested in the morality of their action. Instead they are interested in disruption and making money; they see Covid-19 as an opportunity,” said Dorey.

According to Astaara, the way to fight back is to practice basic cyber hygiene and to invest an appropriate amount in security. Currently, cybercrime nets around $2 trillion per year for criminals worldwide – compared with the $150 billion a year spent by companies and individuals in protecting systems. “When you have ever more stringent regulations, a user population that is innovative in breaking the rules, and an external environment that is hostile to say the least, you cannot afford not to invest in your security, and to protect those aspects of business that depend on others for their delivery,” Astaara and BPA advised in the white paper.

Source: maritime-executive

Source: thedigitalship

When Maersk fell victim to the NotPetya ransomware cyber-attack in 2017 (resulting in a loss of over £300M³ ), it highlighted that no shipping company is immune to cyber-attack – even IMO has been hacked. Cyber risk has been on the IMO agenda for some time and on 1 January 2021, MSC 428(98) was finally adopted. Tanker operators and managers are not sufficiently protected by being compliant with the new regulation – this is a ‘level-one solution to a level-four threat’ – accordingly, a tick box approach to compliance is far from sufficient.

The lack of adequate protection is particularly prevalent in relation to cyber-attacks on on-shore and on-vessel operations technology (OT) networks and control systems, as just 42% of organisations protect their vessels from OT cyber threats⁴. Additionally, an alarming 92% of the estimated costs arising from a cyber-attack are uninsured⁵ and the access and limits of cover are often restricted, which has serious risk-management implications for tanker owners and operators.

The devastating effects of a cyber-attack are not only financial and reputational, but crucially also legal. Tanker owners could face real challenges in order to establish due diligence and protect themselves legally if an incident arose from their vessel being cyber-compromised. They can expect cargo interests and others to raise arguments that there was a failure to make use of available cyber-security protection systems to ensure they were adequately protected.

In relation to the concept of due diligence and the application of the Hague Visby Rule Article IV Rule (ii) defences, shipowners will need to show due diligence in relation to protecting their vessels against a cyber-attack. The duties of due diligence are generally not delegable, so while a contractual provision ensuring that the manufacturer takes responsibility for cyber-integrity creates a potential right of recourse, this does not itself provide a defence to a claim. Additionally, where there are systems available in the market that can provide protection against a cyber-attack, and an owner has failed to implement appropriate measures or is unable to show they have an effective system in place to address cyber-risk, such omissions could amount to recklessness, giving rise to a possibility to break limitation.

We can expect to see claimants raising issues of unseaworthiness where they suffer loss or damage as a result of a vessel being cyber-compromised.

It is critical for tanker owners and operators to take an integrated, comprehensive approach to protecting their organisations against cyber threats. Our recent venture with Mission Secure (leaders in providing military-grade cyber security for OT systems) to launch an industry-first, integrated legal advisory, consultancy and technology cyber-security solution, addresses this market need by providing both advisory and action to fully protect companies beyond the current regulatory guidelines.

Source: rivieramm

Before starting at at Telenor Maritime, Toni was the CEO of KNL Networks, which was acquired by Telenor Maritime in 2020. Before Co-founding KNL Networks in 2011, Toni worked at the University of Oulu as a research scientist and Doctoral student from 2008 to 2011. He is a former electronic warfare officer in the Finnish Defence Forces and has 20 years of hands-on radio experience. Toni is a former member of the Arctic Council Task Force on Telecommunications Infrastructure in the Arctic (TFTIA).

With KNL onboard, Telenor Maritime believes its new platform can help facilitate the digitalization of the shipping industry, with secure, reliable and cost-effective sharing of data right across the globe. The webinar will address opportunities and challenges in maritime digitalization and cyber security. Onboard capabilities in cybersecurity and IT are often somewhat limited. Most of onboard equipment are not designed to be connected, so devices their selves don’t provide sufficient security. Cybersecurity has become one of the biggest threats to the industry.

We look forward to learning more about cyber security!

Source: nme

No one is likely to forget 2020 in a hurry. The pandemic had a seismic effect on all our lives and livelihoods, exerted a significant impact on trading and, out of urgent necessity, transformed working practices the world over. The availability of high-speed, high-quality connectivity has been an invaluable asset, enabling organisations to maintain their business continuity.

The corresponding downside has been an alarming escalation in the incidence of cybercrime, and some very high-profile shipping companies have recently borne the brunt of these attacks. Already suffering from the disruption caused by lockdown measures and market volatility, an additional setback was extremely unwelcome and costly for these companies.

The regrettable fact is that the same critical pressure which forced organisations everywhere to rapidly move so many aspects of their operations online conversely represented a golden opportunity for hackers. All four of the most prominent container operating firms fell victim to malware or ransomware attacks within months of each other, in effect compromising almost 60% of the world’s container traffic.

Vulnerabilities

These exceptional circumstances only exacerbated a problem which was already growing long before the pandemic took hold – namely, that the maritime industry has been conspicuously slow to fully acknowledge the vulnerabilities that accompany the digital revolution. Companies which view the cyber realm as too complex and nebulous to engage with can often fail to grasp the financial, operational and reputational damage a cyber event can wreak until their own businesses have already been impacted.

Underestimating their own susceptibility, usually through a lack of understanding at management level, is a recurrent issue. Many shipowners assume that since their vessels can operate independently from shoreside teams, then the cyber risk is negligible. However, ships communicate to shore via mobile phones, emails, Zoom calls, etc, and these are all vectors of infiltration into a ship’s onboard network.

Such vulnerabilities actually stem from head office; this is where the patching is driven from, where upgrades in IT and technology originate, and where shipowners exchange data with engine manufacturers, fuel suppliers, clients and financiers. Most importantly, it is also where training and education programs are organised. If that side of the equation is poorly managed, there’s a fair chance that the vessels won’t be optimally managed from a cyber perspective either.

Consistent benchmark

The salutary experiences endured even by the ‘big scalps’ mentioned earlier have sent shockwaves throughout the industry, prompting a significant intensification of threat awareness. In addition, the introduction on January 1 of the 2021 IMO Cyber Security Guidelines can only have a beneficial influence upon the take-up of effective maritime cyber risk management programs.

Importantly, these guidelines provide a consistent benchmark, a framework within which companies can measure their cyberattack preparedness. No one yet knows how punitively the new rulings will initially be enforced, but setting an example by detaining vessels for insufficient cyber protection might be the most bluntly effective means of getting the message across.

The US Coast Guard has already issued three tiers of detention for cyber deficiencies, by which any vessel arriving in a US port with a malfunctioning critical system will be detained until the issue has been resolved.
(For more details, see: https://www.westpandi.com/publications/news/november-2020/uscg-notice-of-implementation-of-cyber-hygiene-and/ )

This will inevitably take time, and a detained ship won’t be making any money while it’s off-hire. The resultant lost earnings whilst the vessel is detained would not be recoverable by loss of hire or delay insurance, which usually specifically exclude delays when the detention relates to non-compliance with international or national regulations.

Whilst the Nordic Marine Insurance Plan, for example, advises that a delay caused by a cyber attack could be covered under clause 5.1.B (Hull and Machinery perils) as, de facto, it would stop the ship from operating, this may not be true under other underwriters’ policies. As the vessel is technically damaged, the costs of fixing it would be recoverable less the applicable deductible. However, if the H&M Policy contains a Cl. 380 exclusion clause, computer breakdown due to a cyber attack would not be covered. If the breakdown occurred because of an ordinary bug in a software update, it would be covered regardless of a Cl. 380-style exclusion clause. If the breakdown was covered under the H&M, LoH (Loss of Hire) would respond unless there was also a Cl. 380 exclusion in the LoH policy.

A further complication for insured parties is the LMA 5403 clause, introduced by Lloyds in November 2019. In order to establish whether or not they are covered in the event of a cyber incident, attribution/causation must now be pursued to ascertain whether the incident arose from negligence or deliberate interference by a malicious insider or third party; and, if deliberate, whether this was a state sponsored move or an act of terrorism. We are of the view that the market approach is not constructive and creates uncertainty.

Due diligence

Where the Hague-Visby Rules oblige shipowners to exercise due diligence in making their vessels seaworthy prior to the commencement of any voyage, it is now incumbent upon them to prove that they are also applying cyber due diligence – everything from updating patches and running security checks to making sure passwords aren’t glued under keyboards, ensuring that crews are properly trained in cyber security and aren’t, for example, letting visitors charge their phones through USB ports on the network, and so on.

BIMCO has now also issued a cyber clause for charterparties, which in essence says that not only will parties use their best efforts to prevent cyberattack, but will also make sure that subcontractors do likewise. Liability could be problematic to establish here, particularly for charterers in terms of confirming which standards the parties will be judged against.

Underwriting

From an underwriting perspective, P&I Club mutual policies currently have no cyber exclusions, so if an assured were to have a collision, say, because they’d been hacked and lost control of their ship, they’d still be covered. The exception to this would be where a ship’s systems are hacked by terrorists or a belligerent power; such instances would then fall to war risk underwriters, not cyber underwriters – an important distinction.

As mentioned above, Cl. 380 or the more recent market standard cyber exclusion clauses are generally applied to other insurance policies. The assured’s options are either to simply “buy out” the exclusion or consult specialist providers like Astaara who can provide a global package cover that is far more comprehensive than alternatives which just reinstate the Cl. 380 or similar exclusions.

The key for all concerned is to plan and proceed methodically. Cyber risk management is about doing the basics well, which doesn’t necessarily require a huge investment. By making it a priority, driven by the Board from the top down so that factors such as using multi-factor authentication and ensuring antivirus software is up to date become an ingrained daily habit for all employees, companies will address what might look like minor issues, but which could otherwise have a disproportionately large impact on their business.

The 2021 IMO Cyber Security Guidelines: what you need to know

In practice, shipowners will need to demonstrate a full understanding of mandated cyber security protocols by conducting a comprehensive inventory of all at-risk onboard and offshore systems, including IT and OT equipment.

Vessels will then be subject to a cyber risk analysis and evaluation to assess their vulnerability and the mitigation measures which have been or need to be applied on board.

Thereafter, shipowners can implement the cyber risk management program best suited to their vessels and equipment, establishing crisis management strategies and incorporating crew training procedures which clearly demarcate their specific roles and responsibilities.

Based upon the National Institute of Science and Technology cyber framework, the 2021 IMO Cyber Security Guidelines involve five basic steps.

1: Identifying risk
2: Detecting risk
3: Protecting assets
4: Responding to risk
5: Recovering from attacks.

Source: hellenicshippingnews

Interview: Manolis Lazaridis, CEO of the Diaplous Group

“There are two types of companies, those that have been hacked and those that will be” said Robert Mueller FBI Director “….and there is a third type, those that have been hacked and simply don’t know it yet” added Mr. Lazaridis, CEO of the Diaplous Group, already having a long and rising carrier in the maritime industry. The Diaplous Group started out as a private maritime security company (PMSC) in 2010, providing services to the owners and operators of vessels in high-risk areas. Over the decade, Diaplous has grown into the world’s most compliant, approved and certified MRM provider serving stakeholders of the maritime industry. The group maintains six offices internationally and a client base of over 930 shipping companies globally.

Q: What triggered you to establish DIAPLOUS-CYBER?

A: During the last decade, there was a rapid growth and evolution of cybercrime. Attackers developed more sophisticated tools and techniques to penetrate into a company’s network, which increased both the number of cyber-attacks and data breaches.  

Therefore, DIAPLOUS-CYBER was born to apply cutting edge cyber security technologies and holistic solutions for companies to maintain 

business continuity in adverse conditions. We carry the vast anti-piracy experience of the Diaplous group from the physical world over to cyberspace, and are able to draw on leading providers in our service offering. Our NATO-trained experts brought over engineering capabilities and we are now able to monitor vessels via the Cyber Defence Operations Center (CDOC) and implement countermeasures in near real-time. 

To enhance our services further, we are also partnering with Alpha Marine Consulting in offering Cyber Risk Assessment and Cyber Risk Management.

Q: Is cyber security expensive? 

A: “Cybersecurity is not expensive is priceless” compared to the overall damage a company can experience after a cyber security incident. Recovering from such an incident can cost a company even a six-digit amount of money, let alone the reputational damage, putting many out of business. 

One of the most known examples is the cyber-attack targeting Maersk, which cost the company almost $300 billion.

This is why we are firm believers that businesses should take a proactive approach to cyber security and invest on it before a cyber incident takes place. 

Q: What is the situation in the maritime industry?

A: Our experience so far has shown that, unfortunately, the majority of the Greek shipping companies is not aware of the importance of cyber security and does not consider cyber-attacks as a potential threatening risk. A common misconception is that only large businesses are a potential target for cyber attackers. This is a myth! In fact, cyber-attacks on smaller businesses are more common than many might think.

Through our series of webinars, we are trying to raise the Greek industry’s awareness about cyber security and educate our participants as much as possible on this topic. We have already organized successfully three webinars and we are planning to offer more during the following months, covering different topics around cyber security and defence.

Q: How should a cyber incident be handled? Is there an analogy with the typical “marine incident”?

A: A cyber incident should be treated as a marine incident, and the measures to be taken to deal with it will depend on its severity. In fact, in every Management System there must be a categorization of events based on their actual or potential impact. Each category of events will mark defined actions and reaction times, the manning of the crisis response team and other actions on the part of the company and the ship. 

There is, therefore, an obligation for each company to organize a Response Plan, which should be combined with the existing Emergency Response Plan.

At the same time, we must stress the importance of the mandatory annual drills and readiness exercises which can be combined with penetration tests.  It becomes clear, then, that the success of dealing with a cyberattack depends on the training and preparedness of the participants and their familiarity with the procedures and obligations.

Q: How useful and necessary is the penetration testing?

The penetration test is an essential tool for any company in order to identify the vulnerabilities of its IT and OT systems as it offers the ability to detect all the effects of a cyber-attack. It is also the most useful tool for risk assessment as, from a technical point of view, it will provide us with more complete information than any other method of approaching and assessing weaknesses.

The penetration test must be done in the company and at least in a percentage of its fleet and must be repeated at regular intervals to confirm the effectiveness of the corrective actions taken each time.

It should be noted that charterers, and especially oil companies, now require penetration testing during both TMSA Office Audits on both the company and the ships.

Source: cyprusshippingnews

Source: cruiseandferry

Inmarsat, the world leader in global, mobile satellite communications, has released a new, free of charge report covering new International Maritime Organization obligations and their implications for cruise ship and ferry professionals. The obligations enter into force next year and the report aims to support owners, managers and captains on compliance as they work to protect passenger ship cyber security.

Published by the Inmarsat Research Programme, Cyber Security requirements for IMO 2021 offers unique insights into Inmarsat’s cyber security experience and examples of real cyberattacks on vessels, providing cruise ship and ferry owners, managers, captains, engineers and technical officers with a guide to the criteria for compliance. By IMO resolution, passenger ship Safety Management Systems must be documented as including cyber risk management under the International Safety Management Code no later than the first annual audit after 1 January 2021.

The 40-page document highlights the way threats continue to adapt and evolve, reporting a fourfold increase in cyberattacks on maritime targets that coincides with the industry’s move to home-based working through the Covid-19 pandemic. It also provides a comprehensive explanation of the often misunderstood distinctions between anti-virus software and network endpoint security.

Source: hellenicshippingnews

CIMSEC discussed the development of the 1980s Maritime Strategy and the role played by the CNO Strategic Studies Group with Admiral William Owens (ret.). Admiral Owens was part of the first SSG during 1982. In this discussion, he discusses changes brought about by the Maritime Strategy, the implementation of the Maritime Strategy concepts by the fleet, and what lessons the Maritime Strategy and SSG have for the modern era.

What was new about the Maritime Strategy and how was it a shift from 1970s concepts and plans?

For the Navy and the Marine Corps, for the entire Defense Department, and for our country the Maritime Strategy was a turning point in the Cold War! For most of the years since World War II the United States Navy and Marine Corps had been focused on how to most efficiently get land and air forces into Central Europe to protect against a Soviet attack. This was the focus of all our force planning. All our analytic efforts in the Pentagon and the grand majority of money in the defense budget was organized around that particular task. The Maritime Strategy changed all of that in profound ways.

Can you briefly describe your personal involvement in the strategy development process?

My personal role was as a member of the first Strategic Studies Group, the SSG. This SSG and the concept was set up by Admiral Tom Hayward, the Chief of Naval Operations (CNO). And it is thanks to Tom Hayward, his vision, and his leadership style, that we wound up with a Maritime Strategy that materially changed everything.

Tom Hayward established the group under Bob Murray, a wonderful gentleman who had been the Under Secretary of the Navy. My personal involvement then was as one of the eight members of that first SSG. Admiral Hayward had personally chosen the eight of us, one from each branch of the Navy and two from the Marine Corps, to spend a year together. That was a transformative year for me and for all of us. As a submariner, I had spent all of my years, about 18 of them, in the submarine force, and had very little experience in the grand strategy of the Navy or the Defense Department. Indeed, I had very little knowledge of the other branches of the Navy, such as the fighter community, the surface navy, the amphibious forces, or the Marine Corps. This year changed all of that for me personally and immersed me in what was, we thought, the principal effort to bring together a very different position for our Navy.

While Secretary Lehman had talked about a different strategic force and several had talked about the need for a more offensive Navy, never before to my knowledge had we put together such a broad view of what the Navy and Marine Corps could possibly execute as principal members of U.S. forces. It is important to note Admiral Hayward’s role in the formation and tasking of the SSG, and in his leadership in imagining the entire year for the eight of us. I will always remember that as a precious lesson of how to lead! The CNO told us personally when we asked “what was the deliverable,” that he did not know. He said, “I formed this group because I have tremendous confidence in each of you, and I expect you to spend a year with no restrictions to do something good for the United States Navy and to make the year worthwhile in every respect, including for yourself.”

Follow-up sessions with Admiral Hayward occurred only two or three times during the year, and under Bob Murray’s leadership we had no restrictions, all doors were open, and all lines of thought were encouraged. This was the only time in my entire time in the Navy that I saw this degree of complete confidence and “gutsy” leadership to do something very special for our Navy and our country.

The SSG is often cited as a key (if not the key) driver behind the emergence of the Maritime Strategy. But at the same time, other initiatives and groups, including exercises such as Ocean Venture ’81, the OP-603 strategist community, the Advanced Technology Panel, and Secretary Lehman’s personal involvement were combined with pre-SSG elements such as Sea Plan 2000 and the Global War Games. In your opinion, which of these elements were the most significant and how did they interact with each other to create what we know as the Maritime Strategy?

While many of these products were well-known to us, there were none in my opinion which laid out the specifics of a new Maritime Strategy, one that would indeed change all of the force analysis, and that would change the thinking in the Congress and in the inner halls of the Kremlin. Regarding which organization came first with the Maritime Strategy, I leave it to the readers. But from our standpoint in the SSG, we had been sent by Admiral Hayward to “do good for the U.S. Navy,” and after many, many discussions among ourselves and many other potential activities that we could have undertaken, we chose to look at how the United States Navy and Marine Corps could play a much more offensive role in what was then the great challenge, the Soviet Union. I know that others were interested in this work, the CNO’s staff was doing work on strategy, and Secretary Lehman had done some work thinking about the Navy of the future.

But for us, we were not aware of any macro-level strategy for our country that dealt with the use of offensive maritime forces. Additionally, when we were looking to brief various commands, through Bob Murray and Admiral Hayward, there was a decision that we should go and visit all of the four-star U.S. Navy commanders to represent a new way of thinking about our Navy, which we called the Maritime Strategy. So, regarding who the originator was, from our standpoint we believed that we were taking the lead and had founded something that could be very special for our country, and I believe it was the SSG who dubbed it the Maritime Strategy.

How did the SSG, and through it the Maritime Strategy, influence and spur innovation in real-world fleet operations and exercises, both at the theater and at the tactical levels? What role did the SSG’s extensive travel to operational fleet commands, or the feedback received from the theater commands and flag ranks, help influence the strategy?

Commander Art Cebrowski and I were the two most junior officers on the first SSG. The natural flow had us both involved in developing presentations, doing some writing, and then eventually being the two briefers that took the Maritime Strategy to each of the four-star commanders-in- chief of the theaters. As such we were able to internalize and absorb the many comments that we received, which were at first quite doubtful, and then in a growing way, believing that there was indeed a new way possible to use naval force. Eventually Art and I started to feel more and more confident. With Bob Murray as an enormous mentor, a shield, we had a great interface with CNO Admiral Tom Hayward to continue our work and then to broaden it.

We noticed that within a few months exercises were being conducted in the various fleets, especially Seventh Fleet, to test out some of the concepts in the field. But more importantly, each of us was blessed to move on to become more senior and start exercising these concepts ourselves. As a young one-star admiral, I was able to mass four dozen attack submarines far forward and “demonstrate to the Soviets directly that we were there in numbers.”

When we looked at the ability of the United States Navy to take the battle forward to the Soviet bastions, to the northern flank of Norway and even the Arctic, when we were able to use carriers, surface forces, and the submarine force together far forward both in the Atlantic and the Pacific, we started to realize that we were having an impact on the Soviets themselves. No longer were the bastions and the northern and western flanks totally the property of the Soviet Union. After the Cold War was over, there were intelligence reports reflecting the critical difference the Navy and Marine Corps’ positioning had had on strategic thinking in the Soviet Union and indeed in their reflection that they could not win, no matter how much they poured into their defense systems.

Why did the Maritime Strategy “work,” if it did, and what about the process has been so hard to replicate?

The Maritime Strategy worked because there was an open mind in the leadership ranks of the Navy, there were very active supporters in OP 603, and in the intelligence community. And I would note that Rich Haver was particularly valuable to us in gaming and supporting our efforts. Rich was a senior civilian, an intelligence professional working in the Chief of Naval Operations office directly in what was called Code 009. He was extremely interested in the SSG’s deliberations and participated in many of our wargames and discussions. He was also a source of information from the intelligence community, and we spent considerable time with Rich regarding the intelligence implications of our thoughts on the Maritime Strategy. We saw a lot of Rich in Newport with the SSG.

Underlying it all, of course, was Tom Hayward and Bob Murray’s terrific leadership. They were the single most important factors in driving the success of those first SSGs! I think it was hard to duplicate the work of the first three or four SSGs, as follow-on CNOs did not lead the effort in the same sense that Tom Hayward did, and there was never another Bob Murray. I think the concept is strong and could remain strong under the right leadership. In other words, “take the very best from the warfare communities, give them a free rein for a year, and ask them to deliver a product that is worth the time and effort for their Navy and Marine Corps.” I don’t think that ever happened again after the first two or three SSGs.

How did the strategy interface with the POM process? What was its budgetary and programmatic influence, what mechanisms channeled this influence, and how did these processes change over this time period?

Because of senior leadership and our exposure to all of the Navy’s four-star officers, there eventually was considerable support and understanding of what the United States Navy and Marine Corps capability was, and I believe that flowed through every branch of both services. Especially for those of us who became three- and four-star officers, we drove the Maritime Strategy as part of all of our budgeting and programmatic directions. It was a critical part of my own efforts both as the first N-8 in the Navy staff and as the Sixth Fleet commander, and then the Vice Chairman of the Joint Chiefs of Staff.

Putting pressure on the Soviet Union, and indeed realizing that the Navy and Marine Corps were operating forward, aggressively, and offensively, I believe this carried over after the Cold War ended in the way we thought about our service. It changed the paradigms of World War II. Of course, the submarine force had always been operating forward. But now we were able to operate with other branches of the Navy and Marine corps in a very offensive forward position, and we coordinated those actions with other naval forces to make a much larger difference. In many ways the Maritime Strategy was a coming-of-age for maritime forces.

What lessons can be taken from the 1980s for engaging in modern great power competition, both specifically about the role of the SSG and its functionality, and more generally about the centrality of the Maritime Strategy in 1980s great power competition?

Many of the lessons of the 1980s pertain to naval and Marine forces today, and will in the future. And when we are thinking of great power competition it allowed us to think of truly offensive and game-changing actions in the forward theaters, which pertains as much in today’s world as it did then. I predict that this will continue as we look to the future.

The lessons of the SSG were profound for me. The degree of thinking and engagement that a dedicated, supported from-the-top-group of quality officers can provide, was stunning. Art Cebrowski and I, I’m sure, had our lives changed in many ways from this experience. The leadership lessons learned from Tom Hayward, Bob Murray, and others who supported us also had a profound effect on Art and myself. And I have to add, the loss of Art Cebrowski to our entire Defense Department was a loss that is more than one could ever have imagined.

How did the strategy enhance the Navy’s ability to tell its story to outside audiences, such as Congress, the other services, and allies? How was it received and challenged by outside audiences?

The Maritime Strategy dramatically enhanced the Navy’s confidence in what it already knew in part that it could do. Whether it was with Congress, where the demonstration of the Navy and Marine Corps offensive forces working jointly with the other services became known, or with our allies, where this broad naval offensive power was broadly accepted, the maritime strategy was clearly now a part of everything we did. And in many cases, such as the United Kingdom, our allies joined as part of our forward-thinking Maritime Strategy.

Many audiences of traditionalists, including several of our four-star commanders at the time, were strongly unconvinced, even disapprovingly so. But it did not take long with continued exercises, demonstrated capability, and a realization on the Hill that this was something that could truly change America’s position in the world of military power, that there was widespread acceptance.

For many of us throughout our careers, we took pride in showing our friends and allies around the world and in the United States the true power and ability of our maritime forces to operate freely, jointly, and with substantial capability even in the most challenging areas. It is hard to say this needs to be proven now, since this is the way our country’s military services take military force forward, with naval forces on the leading edge!

Admiral William Owens (ret.) is a retired four-star U.S. Navy admiral. He was Vice Chairman of the Joint Chiefs of Staff, and was Commander of the U.S. Sixth Fleet from 1990 to 1992, which included Operation Desert Storm. Owens also served as the Deputy Chief of Naval Operations for Resources. Owens was the Senior Military Assistant to two Secretaries of Defense (Secretaries Cheney and Carlucci) and served in the Office of Program Appraisal for the Secretary of the Navy. He began his military career as a nuclear submariner. He served on four strategic nuclear-powered submarines and three nuclear attack submarines, including tours as Commanding Officer of the USS Sam Houston, USS Michigan, and USS City of Corpus Christi. He currently serves as an executive in the private sector, as well as a member of the Council on Foreign Relations.

Joe Petrucelli is an assistant editor at CIMSEC, a reserve naval officer, and an analyst at Systems, Planning and Analysis, Inc.

The opinions expressed here are the author’s own, and do not necessarily represent the positions of employers, the Navy, or the DoD.

Source: cimsec