Gnostech has been on the road recently, first traveling to San Diego for Oceanology International North America followed by the Organization of American States (OAS) Hemispheric Conference on Port Competitiveness and Security in Miami last week. Highlights included showcasing our maritime cybersecurity solutions, debuting our capabilities video, and our president, James Espino, participating in two cyber related panels. We also had the opportunity to interact with stakeholders and companies from a diverse cross section of the maritime industry.
Familiar themes related to maritime cybersecurity that we have continued to emphasis in our blog posts were reinforced during both conferences.
1) Greater awareness. There is no doubt that the industry is becoming more automated, but safety and security implications of an increasingly digitized industry are not always discussed. Although many industry conferences have panels dedicated to this topic, greater mainstream attention on cybersecurity and technical and engineering solutions is still needed. Again, this goes back to the fact that the majority of cyberattacks are not publicly disclosed. A recent SAFETY4SEA survey highlighted this point, saying that the industry needs to establish a mechanism for feedback and best practices. Every maritime cyber incident must be reported and investigated for root cause analysis and preventive actions. At the organizational level, everyone has a role to play and cybersecurity must become embedded into the culture.
2) Be proactive. A maritime organization’s attitude towards cybersecurity should not be “this does not impact us” or “we will tackle this down the road.” This is the wrong outlook. You should assume your system will be breached, if it has not already been breached. On average, it takes 170 days to detect an advanced attack, 39 days to contain it and 43 days to remediate it, according to a Ponemon Institutesurvey. What is the most proactive step you can take? It is applying software patches and upgrades to fill in known vulnerabilities within systems. Do all you can to mitigate risk.
3) Global area of concern. Cybersecurity knows no bounds, and no one country or geographic area is immune from such attacks. From container ships to offshore facilities to ports, cyberattacks at happen anywhere at any time. That is why increased coordination of activities, regulations and best practices between all maritime organizations and stakeholders is vital.
Cyber issues are real and pose a current and direct threat to the maritime domain. Simply put, it needs to be promoted and organizations need to implement solutions and program to keep a high cybersecurity posture.
About Gnostech Inc.:
Gnostech Inc. is an applied engineering and consulting company with expertise in information assurance and cybersecurity engineering, and major combat and space systems development and integration. For more information, visit www.gnostech.com, or stay connected by following us on LinkedIn or @GnostechInc on Twitter.