Maritime cyber crime is a problem that’s growing exponentially; one US-based consultancy estimated in 2020 that cyber attacks on the maritime industry’s operational technology (OT) systems had increased by 900% in the previous three years. Effective from 1 January this year, IMO Resolution MSC.428(98) obliges shipowners and managers to assess cyber risk and implement appropriate procedures and countermeasures as part of a ship’s safety management system.
Andrew Hill, an executive director and cyber coverage specialist at insurance brokerage Willis Towers Watson (WTW), believes that shipowners are finally beginning to wake up to the dangers of lapse cybersecurity. He comments: “There was perhaps, until recently, some complacency within the sector that cyber risk was not an issue for shipowners. Highly publicised cyberattacks against several of the largest shipowners in the world and an ongoing transition towards automated operations have, however, dramatically altered the perception of cyber threats within the industry.”
Given that such expertise is often not available in-house shipowners are increasingly engaging third parties such as Tel Aviv-based security company Cydome, a team of maritime and cybersecurity professionals, who have joined forces with the aim of creating full spectrum protection for vessels, fleets and offshore facilities.
“Our clients’ main concern nowadays is understanding what will be the impact on their organisation from the new IMO cybersecurity regulation,” says Cydome’s co-founder and COO, Avital Sincai. “Our offer includes cyber risk analysis, maturity assessment process and gap analysis and of course an end-to-end cybersecurity solution for real-time protection. The final report details high severity vulnerability for each vessel [with], critical asset and mitigation plan.”