CyberOwl CEO Daniel Ng questions whether commercial shipping is asleep at the cyber security helm, headed for hazards already overcome by more cyber-mature sectors.
At CyberOwl, we have engaged with more than 50 shipowners, operators and OEMs in the last six months to gain a deeper understanding of their cyber security challenges and what measures they are taking to address them.
Overall, from our discussions, common challenges are surfacing, and it is becoming clear the maritime sector is in danger of tripping over the same stumbling blocks that other sectors, such as oil and gas, have previously encountered.
I have highlighted a few below.
1)There is still false confidence that perimeter security is good enough
Most fleets have implemented basic perimeter IT security on their vessels – commonly firewalls or antivirus software. The main assumption here is that a clear perimeter can be defined for the vessel network and therefore controlling the ingress and egress points is enough security.
However, the first step in an effective cyber security plan is to assume that the vessel systems are already compromised, and an active threat is already inside. Trust nothing.
Ultimately, a layered approach is the only realistic defence, and situational awareness or visibility must sit at its heart…(read more)
Source – https://www.marinemec.com/news/view,5-cyber-security-lessons-shipping-should-learn-from-other-industries_57926.htm