Maersk, MSC, IMO — there is no shortage of maritime security incidents and cyber attacks. As hackers become even more sophisticated in their tactics, it’s inevitable that maritime cyber attacks against OT on ships are becoming the norm rather than the exception. The stats speak for themselves:

Of respondents, 77% view maritime cyber-attacks as a high or medium risk to their organizations, yet only 64% said their organization has a business continuity plan in place to follow in the event of a cyber security incident. Only 24% claimed their security incidents plan was tested every three months, and only 15% said that it was tested every six to 12 months. Only 2 of 5 respondents said that their organization protects vessels from operational technology (OT) cyber threats, and some respondents went so far as to describe their company policy to OT cyber risk as “careless.”

It’s time for the maritime industry to take a look at every aspect of their ship operations to ensure they’re protected and resilient against these growing threats and attacks. Maritime security intelligence begins with a comprehensive understanding of the risks faced. Today’s maritime security incidents and cyber attacks will only grow with continued digitalization and future technological advances.

In this eBook, we will help you navigate the ins and outs of maritime cybersecurity, review security incidents and maritime cyber attacks, address cybersecurity challenges and compliance considerations, and get you geared up to establish your maritime cybersecurity action plan.

Source: missionsecure

Shipowners’ organisation Bimco has urged Nigeria to step up efforts to safeguard seafarers as more and more crew are kidnapped from vessels in the Gulf of Guinea. The plea from the Danish-headquartered body came as the Joint War Committee (JWC) of the Lloyd’s Market Association (LMA) redrew the listed extended risk area in the West Africa region.

Having covered only the exclusive economic zones (EEZs) of Togo, Benin and Nigeria north of latitude 3 degrees north since 2013, the update now includes areas further to the south and east between Lome in Togo and Cape Lopez in Gabon.

TradeWinds News spoke to Dryad Global’s team about the uptick in piracy incidents off West Africa as part of their research.

Analyst Munro Anderson, of security consultancy Dryad Global, told TradeWinds that some incidents are related to “criminal disputes and inter-syndicate activity. However, the evidence suggests this number is small,” he said.

“In addition, we see the increasing prevalence of incidents beyond the traditional heartlands of the Nigerian EEZ as being indicative of a growing trend of insecurity.”

Premiums also increasing

Chris Goddard, CEO, founder and underwriter of marine war risks at Vessel Protect, said additional premiums have increased in 2020 due to a proliferation of piracy in West Africa in both the marine war and kidnap and ransom market.

“The expansion of the Gulf of Guinea notification area is in direct response to the broadening of sustained attacks in the region which began increasing in 2019. The JWC’s decision will increase costs for shipowners operating in the region,” he added.

“However, those who widely adopt best management practice (BMP) and engage in risk mitigation measures such as transit risk assessments conducted by independent maritime security experts will continue to see preferable insurance terms over their peers.”

Source: channel16.dryadglobal

This role has a work from home option and candidate must be able to attend meetings on site as requested.

The Cyber Security Development Operations & Orchestration manager is responsible for supporting critical cyber security functions by orchestrating and automating alerts and processes, engaging in the use case development process, and managing cyber security technologies. This position is highly technical and requires a solutions-oriented person with a “can do attitude”.

Our ideal candidate will have the following:

• Experience administering security technology including: IDS/IPS and other network security tools, Anti-Virus / Anti-Malware, Endpoint intelligence tools, SIEM, Proxy, Forensic tools, DNS, Web Application Firewalls WAF, and Vulnerability Management tools.
• Certifications such as Splunk “power user” or above, CCNA or above, MCSA (Azure Security Engineer associate, Microsoft 365 Certified Security Administrator Associate, or other Microsoft Certifications), Linux certifications, CEH, GCIH, Python certifications.
• Ability to use programming languages such as Python, and PowerShell to automate processes, build APIs and enrich Incident Response alerts.
• Splunk skills including Dashboarding, Data Modeling, CIM compliance, and using SPL to write advanced searches.
• Knowledge of operating systems (Windows and Linux)
• Ability to provide cyber security support by planning, coordinating, integrating and synchronizing cyber defense and prevention activities, ensuring compliance with all applicable state and federal cyber laws and regulations
• Ability to Write Report to communicate Sutter Health’s risk profile impact to peers and management
• Knowledge of cyber security solutions, policies and technologies
• Knowledge of the lifecycle of a network threat and network vulnerability exploitation in a healthcare environment, including the anatomy of a cyber-attack
• Ability to use Internet Technologies including DNS, routing, SMTP, HTTP, DHCP, FTP, etc.
• Experience managing a highly technical team

Position Overview:
As a Cyber Security Manager, you will provide support and guidance to Sutter Health regions and affiliates to develop, implement, operate and manage the Cyber Security program and team. You will represent the Privacy & Information Security Department on project teams and initiatives and work with operations support teams to identify and recommend solutions on security-related issues. You will use your exceptional leadership skills to provide oversight over a broad range of security duties that require a high level of technical understanding. Additionally, you will be accountable to:

Manage the Cyber Security team and ensure Sutter Health is in compliance with information security and privacy laws
Oversee design, engineering, analysis, research, testing and monitoring
Assist in the development, implementation, and maintenance of Cyber Security solutions
Conduct investigations of potential or actual cyber security events and documents, and communicate the risks to executive leadership
Collaborate with Privacy & Information Security staff regarding the development and maintenance of Sutter Health’s Cyber Security program and policies
Serve as Cyber Security Manager and advisor to the Chief Privacy & Information Security Officer, the Executive Director of Cyber Security & Investigations and Sutter Health affiliates

You will work with all levels of staff and leadership and therefore must be able to interact effectively with broad and diverse groups. You should be well organized and be able to prioritize assigned work and convey complex technical topics into language and diagrams understandable to a wide audience.

Qualifications:
Bachelor’s Degree in Computer Science, Information Science or related field or equivalent education/experience
Certified Information Systems Security Professional (CISSP) required within 4 months of date of hire
10 or more years of experience as an IT Security professional with progressively responsible management duties in security solutions and compliance reporting
Proven technical background in systems and network security
Extensive experience with security software, incident response, disaster recovery, firewalls, and network monitoring
Proven experience managing and tracking large scale projects and coordinating/planning resource allocations while tracking commitments to insure on-time delivery
Demonstrated professional experience working with PCI, SOX and HIPAA compliance regulations and applying them to security monitoring and alerting practices
Proven experience working with STIX/TAXXI based Threat Monitoring and Intelligence integration with SIEM solutions
Significant experience engineering High Availability infrastructure solution designs

Preferred Qualifications:
Healthcare information technology industry experience

Source: ziprecruiter

Facing “very substantial threats against the maritime critical infrastructure every day,” the Coast Guard has operationalized cybersecurity and “made it part of our prevention and response framework to make sure that we’re getting after this threat at the speed and pace at which it demands,” USCG Assistant Commandant for Prevention Policy Rear Admiral John Mauger told the House Transportation and Infrastructure Committee during a hearing on cybersecurity last month.

The marine transportation system, or MTS, is an integrated network of 361 ports and 25,000 miles of waterways and supports one quarter of U.S. GDP and one in seven American jobs, and “any substantial disruption to marine transportation can cause cascading effects, to our economy and to our national security.”

“Cyberattacks are a significant threat to the maritime critical infrastructure, and while we must continue to work to prevent attacks, we must also be clear-eyed that attacks will occur, and we must ensure that the MTS is resilient,” Mauger said. “Protecting maritime critical infrastructure and ensuring resiliency is a shared responsibility.”

That has included establishing Coast Guard Cyber Command, with cyber forces that “are manned, trained, and equipped in accordance with joint DoD standards, but have a broad range of authorities to address complex issues, spanning national defense and homeland security, including protecting the MTS.” USCG stood up a maritime cyber readiness branch within Coast Guard Cyber Command “as a focal point for maritime threat monitoring, information sharing, and response coordination.”

“The Coast Guard’s approach to protecting the MTS leverages our proven prevention and response framework,” he said. “To prevent incidents, we leverage our authorities in the nation’s ports to set standards and conduct compliance. We refer to this as cyber risk management, and require accountability, assessments, mitigations, exercises, and incident reporting. To prepare for and respond to cyber incidents, Coast Guard sectors are leading field-level exercises with Area of Maritime Security committees, and have established unified commands with FBI and CISA to lead the federal response to cyberattacks in the ports.”

“Cyberattacks will increasingly have physical impacts, beyond computer networks. By incorporating cybersecurity into our prevention and response framework, we provide a comprehensive, all-hazards approach to this threat, but we cannot do this alone. As the co-sector risk management for transportation, we look to both TSA and CISA as key partners.”

Mauger stressed that cybersecurity is “a shared responsibility with the private sector” and “collaboration with the industry is paramount, and focused on information sharing and good governance.” USCG established the National Maritime Security Advisory Committee “to facilitate consultation with industry on standards development” and works with the International Maritime Organization to address the risks posed by foreign vessels. “We are committed to a transparent approach, as we balance the urgency of cyberthreats with informed rulemaking,” he added. “The cyberthreat is dynamic.”

Asked for an update to the Coast Guard’s efforts to improve its own IT systems, the assistant commandant noted that the USCG “approach to protecting the maritime transportation system relies on us having our own ability to defend and operate our networks.”

“Through investments in the CARES Act, with over $65 million in funding, we’ve been able to make significant investments to modernize our infrastructure, and push more information out to our mobile users out in the field, and our cutters underway,” Mauger said. “But all of this is premised, our security is premised, on it being an operational imperative. And so the key thing that’s really driven us forward is the establishment of Coast Guard Cyber Command as an operational command, under the purview of a two-star commander, that oversees our daily mission execution in the IT space. And then the coordination with our CIO, who is driving those investment and modernization projects forward.”

At the port level, Mauger said the Coast Guard is “really focused on working across the prevention and response framework to ensure that we have the ability to defend and then also respond resiliently from attacks.”

“This is a shared responsibility between the private sector and the federal agencies involved, and so we’re doing a number of different things,” he said. “First of all, we put in standards in place that require them to conduct assessments, have an accountable person, develop a plan, mitigate that plan, exercise it, and report incidents. All those pieces are really important. Through those assessments, we then have the opportunity to drive investments through the Port Security Grant Program, to update security posture in the ports. And so last year, $17 million was allocated from the Port Security Grant Program for Cybersecurity.”

“Which side is winning, the increased cyberthreats or increased digital-based safety operational enhancements?” asked Rep. Bob Gibbs (R-Ohio). “How are we doing in this fight, who’s winning?”

“Congressman, it’s not an either/or proposition for us, it’s really an all-of-the-above,” Mauger replied. “And so as the Assistant Commandant for Prevention Policy, we make sure that we bring together the best of our ability to secure private industry, but then be able to respond as well.”

“And so, leveraging our prevention and response framework, we’ve made sure that we’ve taken a multilayered approach to engaging with the industry, sharing information with them at the local level, through the Area Maritime Security Committees, and conducting compliance activities,” he added. “And then at the national level, engaging across the interagency with our National Maritime Security Advisory Committee, with the MTS ISAC, and then with other interagency partners, to make sure that we’re tied together, and providing a comprehensive network, and comprehensive approach to this problem.”

Mauger emphasized to lawmakers that “overall risk management approach, within both the private sector and the federal government” requires accountability.

“You have to have an accountable person; they have to be able to do an assessment and to understand the risks,” he said. “They have to be empowered to manage those risks. And then it also comes back to exercising and reporting. Where it comes to reporting right now, we have to change the paradigm from ‘what is the minimum I need to disclose’ to ‘how can I help protect others’… these incidents cut across so many different infrastructures, and reporting really helps us to make us all stronger.”

Asked how threats and risk-management assistance is communicated to individual ports and throughout the MTS, Mauger replied that “unity of effort within the Coast Guard is part of our DNA, and so we take a multi-level approach to share information at the speed of cyber here with the industry.”

“But this is a dynamic threat environment, and going forward we need to use a combination of both existing tools and new tools, or new methods, to get after the information sharing,” he added. “So for this multi-level approach at the local level, we work through our Area Maritime Security Committees; each of those have established cyber subcommittees that are responsible for that day-to-day sharing of information, for conducting the exercises, for reviewing best practices and understanding how to move forward. Those same people then are integral to response efforts when they occur in the ports. At the national level, we work through a number of different means. We’ve established a maritime cyber readiness branch within our Coast Guard Cyber that really becomes a focal point for threat information dissemination, technical assistance in the field, and connection to the interagency.”

“We’ve embedded folks in CISA, we meet regularly with the other Sector Risk Management Agencies. We engage with the MTS’s information sharing and analysis center. And we look for every opportunity to continue to share information and communicate threats, and understand the vulnerabilities in this industry, so we can protect the MTS.”

Source: hstoday

Vibrant digital identity and cyber security backbones have been identified as critical factors to drive the emerging payment technology economy in Nigeria, experts have said.

This was the summation of discussions by stakeholders in Nigeria’s finance and identity sectors, at the just concluded Future of Payment Conference held in Lagos.

Speaking on the theme, ‘Fear and Fraud: Juggling Identity, Consent and Security in the Age of Instant Payment’, Co-founder/CEO, VerifyMe Nigeria, Esigie Aguele, said building a sustainable trust-based economy powered by a virile digital identity infrastructure will accelerate gains from the shift towards cashless and contactless payment options.

He said: “What we are seeing increasingly in the identity space is that having robust identity protocols not only enable, but also secure payment. For instance, Amazon, the global e-commerce giant, now requests for the National Identity Number (NIN) before importing goods to customers in Nigeria. So, they are using identity to process payments and we are expecting to see trends like facial recognition increasingly play a leading role in the new era of PayTech.

“The ecosystem is also expanding beyond individual identity to device identity verification. The whole concept of SIM swap is one of the areas that cause online fraud and big loss to FinTech and telcos across industry. VerifyMe is going to be at the critical layer of supporting FinTech companies to minimize fraud across PayTech transactions as well as minimize leakages from exposing data to people who shouldn’t have access to it.”

Director, Account Management, West Africa, MasterCard, Stanley Jacob, stressed the need for increased attention to digital identity given the accelerated shift from physical and traditional payment systems to contactless pay technologies.

According to him, “Insights from MasterCard’s New Payment Index Survey show a growing acceptance of the new payment platforms whether they be biometric, contactless, QR or virtual currency. Seven out of every 10 respondents said they are ready and happy to use contactless payment platforms; 73 per cent are willing to use digital wallets by 2022 and; between 2020 and 2021, about 1 billion additional MasterCard transactions were processed through contactless platforms.

“These indices point towards the proliferation of PayTech. Therefore, there needs to be a corresponding infrastructure to harness this opportunity and preserve the integrity of the transactions. This is where digital identity and cybersecurity will come into play.”

Source: guardian

China’s growing technological expertise along its digital silk road is expected to set benchmarks for the rest of the world to follow, according to analysts. President of China’s ambitious Belt and Road Initiative (BRI) started down the digital silk road long before the rest of the world began talking about connected smart cities and technology-driven solutions.

As China continues to expand its digital footprint in sectors as diverse as cloud computing, 5G, surveillance technology and virtual currency, observers see movement in some areas toward Chinese technological dominance.

China is already leading the world in Artificial Intelligence (AI), blockchain, 5G, and quantum technology publications and patents. Data fuels AI development and, thanks to its sprawling surveillance apparatus, China has access to immense amounts of it, so China seems well-positioned to emerge as a leader in this field.

China has already launched the biggest blockchain ecosystem in the world, connected to over 100 city nodes, and was the first country to launch widespread pilots of a digital fiat currency – the Digital Currency Electronic Payment (DCEP) system. Analysts agree that China has achieved enormous breakthroughs in some future technologies. Advancements in technologies allow China to more efficiently promote the progress of BRI, increase the bonding between China and BRI countries, and push BRI’s hard projects.

How technology will be incorporated into BRI projects will depend very much on the nature of the projects. This will differ among regions and countries.

– Research Associate, Lee Kuan Yew School of Public Policy, National University of Singapore

China’s world-leading fibre optic industry, which is already assisting BRI countries in transforming from traditional to renewable energy supplies. Many countries aligned with BRI are rich in solar energy resources, but “lack the technologies and resources to construct renewable energy infrastructure. Through BRI, China can export advanced renewable energy technologies to BRI countries and Chinese fibre optic enterprises can enjoy local preferential policies, including tax incentives, preferential treatment for equipment imports.

In some infrastructure areas, such as high-speed railway, 5G networks, and ultra-high voltage power grids, China’s standards have become the international standards as everyone else plays catch-up. Therefore, through collaborating with Chinese enterprises, BRI partner countries can adopt the technologies that accord with the most advanced standards in their infrastructure projects.

China’s technological prowess gives it an edge to push BRI’s hard projects, such as renewable energy, transportation, infrastructure, power, and healthcare since in today’s technology-driven world, the digital realm is intimately intertwined with hard infrastructure.

Railways, ports, and electricity grids, for instance, would not be able to operate effectively today without software, sensors, and cybersecurity. China also provides a useful reference for BRI countries with its digital transformation and industrial digitalisation models. Most BRI countries are developing countries and have limited experience in dealing with digital technology but can benefit from China’s digitalisation experiences.

Given that the BRI is primarily a financing/investment mechanism, exporting technology adds a different dimension to the entire BRI assistance package. Most BRI projects have already been dependent on using Chinese equipment and labour, so any kind of tech advancement might just mean higher quality or more efficient projects.

Anything digital will tend to also require a larger investment amount, and“the financial capacity of BRI recipient markets will come into question here as well, especially if these markets are prioritising developing adequate infrastructure to meet their domestic needs first. The best way for BRI partner countries to benefit from China’s technological prowess is to partner with Chinese operators.

While the West has focused too much on profits and not enough on cash flow business and service lines, China is developing technologies to hook their services into supply chains to generate cash flow streams. This business model is relatively more sustainable than the profit-oriented ones.

Source: opengovasia

The shipping company will roll out OneNovation’s abela IT platform, which allocates tasks to fleets or remote offices. The tool uses proprietary technology for exchanging data between remote locations. The abela portal allows secure user and team management, vessel management as well as groupings or fleets (logical or physical groups) and provisioning of services on demand, called modules.

OneNovation, a One Net Group company, will support Anglo-Eastern’s current and future digital strategy through the partnership.

All of OneNovation’s services are extended for advanced connectivity solutions and hardware integrated solutions, to support the requirements of shipping companies such as Anglo-Eastern.

General manager of OneNovation, Peter-Michael Haddad said: “We look forward to collaborating with such a forward-thinking partner as Anglo-Eastern on the development of a bespoke technology portfolio. At OneNovation, we pride ourselves on our agility and ability to effectively integrate excellent, customisable managed services to our clients.”

Torbjorn Dimblad, CIO of Anglo-Eastern commented: “A modern, standardised and secure infrastructure is necessary to support the digital solutions of today and tomorrow. With OneNovation’s abela IT suite of services, we are now set up to do just that for the enhanced productivity, connectivity and well-being of our staff at sea.”

Source: thedigitalship

The programme consists of integrated workshops and tailored support aimed at helping IMO Member States to develop National Maritime Security Committees, Risk Registers and Strategies.

Peter Adams, IMO Special Advisor to the Secretary-General on maritime security, explains: “At IMO, we believe that an inclusive approach that draws key stakeholders together is most likely to yield meaningful results. Therefore, the programme aims to create a cross-government committee that can be aided by the Risk Register to objectively identify security gaps and prioritize where to steer future policy development, funding and capacity building efforts. It also leads to the development of a National Maritime Security Strategy that provide the strategic objectives, which explain how the Member State will secure its maritime domain for the foreseeable future. We hope to replicate the IMO Whole of Government Approach to Maritime Security in other regions in the future.”

The programme has been carefully designed based on IMO’s global maritime security experience, including assisting countries to implement IMO’s maritime security measures, such as the International Ship and Port Facility Security (ISPS) Code. The programme provides a practical framework to underpin effective national maritime security decision making and governance, tailored to the specific needs of the respective Member State. Each element can be delivered either as a stand-alone unit or as an integrated programme. Depending upon the option(s) chosen, the programme timeline can range from three to eighteen months.

Subject to available funding, IMO will work with the member state to provide the framework, expert workshops and consultancy support. IMO will be supporting Nigeria in the development of its National Maritime Security Strategy, with the project due to be launched towards the end of 2021 and completed within an 18month period.

Safer waters in West Africa

During a recent visit (22 October) to IMO Headquarters by representatives from the Nigerian Maritime Administration and Safety Agency (NIMASA), IMO Secretary-General Kitack Lim was given an update on maritime security in Nigerian waters. Dr. Bashir Jamoh, NIMASA Director General quoted data from the IMB reports, which demonstrate a downward trend, with a 40% reduction of piracy and armed robbery related incidents across the Gulf of Guinea. He stated that there were 28 incidents reported in the first three quarters of this year, compared to 46 in 2020. Nigeria accounted for four of these incidents, a 77% reduction from the 17 incidents in the same period in 2020. Unlike last year, when most incidents took place outside territorial waters, almost all incidents mentioned above occurred in anchorages, ports and harbours.

Dr. Jamoh attributed the significant reduction in maritime security incidents in Nigeria to deterrence, through increased maritime law enforcement presence in the estuary regions, and to enhanced intelligence and engagement with the people of the Niger Delta. He also outlined a plan to enhance security in internal waters, given recent incidents in those areas.

Emphasizing the value of IMO support for regional initiatives, the NIMASA Director General stated that the safety agency will shortly be completing work on its enhanced Regional Maritime Training centre in Lagos, which is expected to serve as a hub for regional Search and Rescue (SAR) and security training. This is expected to build on ongoing regional cooperation with the Maritime Organization for West and Central Africa (MOWCA) and the Joint Industry Group (Nigeria and international maritime industry associations). Dr. Jamoh also highlighted the efforts put in to enhance the region’s legal framework with adoption of legislation providing for enforcement and sanctions for offences against maritime security, including piracy.

NIMASA has been working to address socio-economic factors that contribute to piracy and maritime security issues, such as unemployment, poverty, lack of education opportunities, etc. There has been a positive impact from an ongoing maritime education programme to provide alternate employment opportunities and scholarships for youth in the affected areas. By training these individuals as future seafarers, fishers, maritime personnel and marine litter marshals, the programme creates economic opportunities as well as addresses the maritime skills gap.

Source: channel16.dryadglobal

The Nigerian Maritime Administration and Safety Agency (NIMASA) has introduced new measures to check security threats in the Nigerian maritime domain and deter persons who may seek illegal means of entry into the country as stowaways.

Under the new procedures, all Ship Captains are to submit the Security-Related Pre-Arrival Information forms to the Agency no later than 48 hours before the ship’s arrival at any Nigerian port.

Ship Captains are also required to exchange the Declaration of Security, with the Port Facility Security Officer of their next port of call not later than 72 hours before the ship’s arrival at that port for conveyance to NIMASA within 48 hours. Additionally, all ships are to maintain 24 hours vigilance and surveillance to detect strange movements, including small boats and skiffs that may not be captured by radar.

Other measures include proper pre-departure search and completion of pre-departure forms before departure from any port; switching on Automatic Identification Systems; close monitoring of communication channels; and response to any VHF call from the Nigerian Navy or the Regional Maritime Rescue Coordination Centre.

Director General of NIMASA, Dr. Bashir Jamoh, said that the measures are consistent with the strategy of trying to keep one step ahead of the pirates, armed robbers, and anyone or anything that poses a danger to the country’s maritime domain and Nigeria, in general.

“The procedures are easy to follow and deliberate steps have been taken to make the reporting process seamless, all for the good of the ship operators and the international shipping community.″

Jamoh also appealed for standardization of the legal frameworks of countries in the Gulf of Guinea to aid effective prosecution of maritime crimes. He acknowledged that some efforts are being made to standardize regional maritime law enforcement, with some countries are already enacting their own antipiracy laws.

“We encourage countries within the region, which do not have distinct antipiracy laws, to try to enact such laws. It is in the interest of every country in the Gulf of Guinea to consciously work to remove obstacles to the prosecution of piracy and sea robbery suspects,” Jamoh said. “Shipping is an international business, and crimes associated with it are equally international in nature. Now, how do you try a suspect in a country where our SPOMO [Suppression of Piracy and Other Maritime Offenses] Act cannot be applied?

“No country can fight maritime insecurity alone. It is a collective responsibility. There is hardly any nation that does not have commercial interest in the Gulf of Guinea.So we must work to ensure uniformity of legal frameworks in the region to facilitate effective prosecution of maritime crimes.”

Source: hstoday

Maersk, MSC, IMO — there is no shortage of maritime security incidents and cyber attacks. As hackers become even more sophisticated in their tactics, it’s inevitable that maritime cyber attacks against OT on ships are becoming the norm rather than the exception. The stats speak for themselves:

Of respondents, 77% view maritime cyber-attacks as a high or medium risk to their organizations, yet only 64% said their organization has a business continuity plan in place to follow in the event of a cyber security incident. Only 24% claimed their security incidents plan was tested every three months, and only 15% said that it was tested every six to 12 months. Only 2 of 5 respondents said that their organization protects vessels from operational technology (OT) cyber threats, and some respondents went so far as to describe their company policy to OT cyber risk as “careless.”

It’s time for the maritime industry to take a look at every aspect of their ship operations to ensure they’re protected and resilient against these growing threats and attacks. Maritime security intelligence begins with a comprehensive understanding of the risks faced. Today’s maritime security incidents and cyber attacks will only grow with continued digitalization and future technological advances.

In this eBook, we will help you navigate the ins and outs of maritime cybersecurity, review security incidents and maritime cyber attacks, address cybersecurity challenges and compliance considerations, and get you geared up to establish your maritime cybersecurity action plan.

Source: missionsecure