A recent study performed by IBM’s Resilient and the Ponemon Institute found that 66% of organizations would be unable to recover from a cyberattack. The annual Cyber Resilient Organization study also showed a decline in organizational resilience against cyberattacks. The study defined resilience as “an organization’s ability to maintain its core purpose and integrity in the face of cyberattacks.” Of the respondents, 32% of IT and security professionals ranked their resilience as high. That same number was 35% in 2015.
A high barrier to proper resilience, as listed by 66% of respondents, was “insufficient planning and preparedness.” The report also noted that 46% listed “complexity of IT processes” as something that kept their organization from achieving resilience. There is still a lag in having the appropriate people, processes, and technologies in place as a vast majority of respondents admitted that they do not have a formal cyber security incident response plan that is applied consistently across the organization.
The study also looked at what type of security incidents the respondents were experiencing. Some 53% reported that they had dealt with at least one data breach in the past two years, including malware and phishing. Over that same period, 74% said their organization had experienced threats as a result of “human error.”
How is this applicable to maritime companies? We have emphasized that cyber risk management is becoming increasingly important with the evolution of cyber dependent technologies within the industry. Our company’s president relayed that point when he moderated several cybersecurity related panels at both San Diego BlueTech Week and SpaceCom in the last two weeks. The potential consequences of a cyberattack or incident not only impact operations, but can also pose a threat to the industry as a whole as so many maritime activities are interconnected.
The resiliency challenge for these organizations is determining the most advantageous solution(s) that will not interfere with critical mission operations. To help facilitate the planning process and ensure its effectiveness, an organization must fully understand and base decisions on their cyber risk profile. Given the interdependencies that exist within the maritime community, the process of hardening cyber defenses and creating resiliency cannot end at any one line. Open dialogue and collaboration among all maritime stakeholders is crucial.
About Gnostech Inc.:
Gnostech Inc. is an applied engineering and consulting company with expertise in information assurance and cybersecurity engineering, and major combat and space systems development and integration. For more information, visit www.gnostech.com, or stay connected by following us on LinkedIn or @GnostechInc on Twitter.