Imagining a tanker collision or an explosion caused by a cyberattack is a scary thought. Less dramatic yet with significant business impact, is the recent “Petya” attack that paralysed several of Maersk’s and other companies’ computer systems and brought ship and port operations to a halt.
The vulnerability of modern shipping industry to cyberattacks is a rising concern for ship owners and regulators alike. Organisations such as U.S. Coast Guard are currently developing guidelines and drafting inspection circulars in to guide the industry until cyber risk management regulations is in place.
Secure-NOK is inviting the maritime industry to a mini-seminar August 10th in Oslo where we will give an introduction to the cybersecurity risk to maritime vessels and insight into various ongoing efforts in shaping maritime cybersecurity best practices.
Time: Thursday August 10th from 10:00 -12:00
Place: Thon Hotel Vika Atrium, Oslo
RSVP: firstname.lastname@example.org by Monday August 7th
As modern day commercialization and business demands require increased digitalization and automation, maritime vessels are becoming increasingly connected and dependent on software and IT systems. However, challenges such as reliance on legacy systems and a generally low level of cybersecurity training among seafarers remain. Furthermore, much of the current Information Technology (IT) and Operational Technology (OT) infrastructure onboard vessels were not originally built to cope with today’s security threats.
To address the maritime cybersecurity challenge, several initiatives are being taken by regulators and class society. In 2016, a number of Maritime Industry specific Cybersecurity Guidelines were published by organizations such as BIMCO in collaboration with CLIA, ICS, INTERCARGO, INTERTANKO, OCIMF and IUMI. Also, class societies like ABS and DNV GL and the U.S. Coast Guard all released their first publication in a series of non-mandatory Cybersecurity Guidance documents.
The ongoing development of the U.S. Coast Guard Guidance documents targeted towards all organizations conducting operations under their regulatory control will be covered specifically. This includes the content of the “Maritime Bulk Liquids Transfer (MBLT) Cybersecurity Framework Profile” (published 2016) and the development of the two next profiles: “Mobile Drilling Units” (expected 2017) and “Passenger Vessels” (expected 2018).
Secure-NOK® has since its foundation contributed to an increased understanding of cyber risks in industry through involvement in organizations such as the International Association for Drilling Contractors (IADC). Secure-NOK®s Founder and CTO has chaired the IADC Cybersecurity subcommittee since its establishment in 2014 and leads the drilling industry’s dialogue with the U.S. Coast Guard regarding cybersecurity.