Cybersecurity is a concern for almost anyone, but it’s becoming a serious and growing problem for the maritime industry. Onboard systems include GPS, DP, AIS, ECDIS, Radar, autopilot etc. and the control systems for ballast water, vessel stability, engine and propulsion control and cargo handling etc. Maritime cybersecurity is now a major problem for the industry, and this situation won’t improve on its own.
In addition to the equipment onboard vessels, there are similarly vulnerable systems located in ports, VTS centres, offshore installations, operators and manager’s offices and in numerous maritime support businesses and organisations.
These systems are vulnerable; they are vulnerable not only to a deliberate and targetted criminal attack but also to failure and ill-educated misuse. How well trained and experienced are your employees? How many seafarers have a good understanding of more than just the basics of computer security?
“People are part of complex systems in the maritime environment; they interact with one another and computer systems in both creative and destructive ways. At every intersection of human and machine there is the possibility for error, manipulation, coercion or sedition.” – The Future of Maritime Cyber Security – Lancaster University
Effective IT security is about far more than deploying the latest hardware technology and software solutions. It is also about how the first line of defence behaves; how those that use and interact with the costly infrastructure react to threats and problems and how they view the risks inherent with day to day operations.
This educational resource is aimed at changing the way those at the sharp end behave, building a first line of defence against cyber attacks, system failures and the occasional act of potentially costly stupidity.
Sponsored by NSSLGlobal and working with a number of other maritime partners Fidra have developed an engaging, entertaining and effective tool in the fight against data loss, theft and corruption. Any one of these could have an outcome ranging from inconvenient through to being financially costly or ultimately being responsible for a major incident.
“The biggest risk is from employees using computer-based systems since security prevention mechanisms within the network itself are rarely implemented in the mistaken belief that perimeter defences are all that is required.” – Maritime Cyber Security White Paper – ESC Global Security
The project was developed by a working group consisting of a small number of interested parties, primarily but not exclusively from the maritime domain. Led by Fidra, the group assembled a body of technical knowledge and best practices that was then handed over to a team of behavioural and creative specialists.
A primary feature of this project is its collaborative nature, the sharing of information and ideas for the benefit of the group (internally/privately where deemed appropriate) and for the wider maritime community on release of the resource.
“To mitigate the risk of exposure to cyber-vulnerabilities (deliberate or otherwise) by educating those who have access to exposed IT systems and infrastructure, both onboard and shoreside. This will be achieved by giving a non-technical audience the knowledge to understand the risks, to know what to do to protect against these risks and what to do in response to a direct threat.” – Chris Young, Executive Producer, Fidra Group Ltd.
We are currently working with a number of companies and organisations, with more to be publicly announced over the coming days. If you would like to be a part of this project, or you would simply like a copy of the project brief, please contact email@example.com directly.
Lead-sponsor NSSLGlobal along with the Oil Companies International Marine Forum (OCIMF), The Standard Club, Teekay, the CSOA, JWC International and the City of Glasgow College are all convinced of the need to develop effective, relevant cyber education for the maritime industry. Are you?
The following is a brief summary of the project:
- The project will develop a film (or series of short films) to educate end-users in cyber awareness. It will be specifically aimed at a non-technical audience, and will focus on best practice behaviour, not technological solutions. The intended audience is primarily the world’s seafarers, plus their shoreside colleagues in shipping company offices, port operations, logistics companies etc.
- The project is a collaborative effort – bringing together a number of shipping companies, maritime organisations and subject matter experts to discuss the issues they face, the solutions they have implemented and industry best-practice. The development process is specifically intended to be a learning experience for the participants, learning from each other and finally producing a body of knowledge for public release.
- The ‘resource’ cannot be precisely defined at this stage, as the content will be generated during the development phase. However, we are aiming towards either one film, or a series of ‘shorts’ – we need to be aware of the sharing potential for short, snappy, entertaining video clips. It is crucial that whatever we produce is entertaining and enjoyable for it to be watched, remembered and shared. If we make ‘just another training film’ we will fail to meet our objectives.
- The films will be supported by more comprehensive written notes, available to download free of charge.
- The project is non-commercial, in that Fidra will not sell the resource(s). The film(s) will be freely distributed to the industry and beyond to ensure maximum audience reach.
- The project is being funded from within the industry, by the participants and by one headline sponsor.
- The confirmed participants so far are: NSSLGlobal, OCIMF, The Standard Club, Teekay Corp, the CSOA (Company Security Officers Alliance), JWC International and the City of Glasgow College. We are also talking to a number of potential headline sponsors.
- The budget requires 6 participating companies/organisations to contribute £5k +VAT each (Teekay and Standard Club have confirmed their financial support) along with our Headline Sponsor, NSSLGlobal.
- The budget will be spent primarily on direct production costs (approx. 85%). The remainder will be used to cover the costs incurred during development, the ongoing costs of distribution (primarily via the internet) and a contribution towards the business costs of Fidra Films, as well as a contingency for any cost overrun.
- Fidra will actively seek to engage as many industry organisations as possible to assist with distributing the resources to the industry. It should also be noted that the advice will largely apply across industries, so the audience potential could be greater than simply maritime-based.
- There has been considerable interest from the industry and the industry press in this initiative, both for its pertinence and for the funding, development and distribution model. This interest will be a significant aid in publicising the resources when they are released.
We’ll leave the last word to the Nautical Institute;
“For most companies, the greatest threat comes from the naivety of their own employees, on ship and shore. Awareness and good procedures can dramatically reduce the risk.” – The Navigator, June 2016
If you would like more information on thie project please contact firstname.lastname@example.org directly.