Maritime Cyber Risk
Maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.
Cyber risk management means the process of identifying, analysing, assessing and communicating a cyber-related risk and accepting, avoiding, transferring or mitigating it to an acceptable level, considering costs and benefits of actions taken to stakeholders.
Maritime-Cyber Ransomware Scenario
Attackers or hackers can use ransomware to hold a target hostage for ransom. This can have unique outcomes in the maritime environment, as it could either lock crew or passengers in their rooms (for example, on a cruise ship) or possibly even lock ship controls, leaving the entire ship drifting and vulnerable at sea. To raise awareness, researchers at Plymouth University have filmed this scenario on one of the university's ship simulator, while researching technological and policy-based solutions.
Cyber Security Davos 2017 - Maersk - Business Impact
- Cyber Security challenges for shipping industry
GDPR and Shipping Industry
Organisations in the shipping industry may collect a lot of personal data, from email addresses of business contacts and counterparties to vessel crew and passenger information, as well as information about their own employees.
Crew and contractors are vetted and managed. Immigration law obligations in numerous jurisdictions require certain personal information to be shared. Every business transaction involves interaction with individuals working for corporate counterparties.
Much of this information is likely to cross national borders and be exposed from time to time to physical and cyber security risk. Once the GDPR applies, and the risk of large fines and reputational damage increases, breach of the data protection rules could potentially sink the business (or at least cause it to take on water).
More details ....
GDPR for Shipping - Learn from the expert
Mr. Chronis Kapalidis, Academy Stavros Niarchos Foundation Fellow, International Security Department, Chatham House, focused on the EU GDPR, an important legislation for the data protection, effective from May 25th2018, which is undoubtedly a great challenge for cyber security that cannot be ignored.
Maritime Cyber Risks Blog