Maritime Cyber Security: A Global Challenge Tackled through Distinct Regional Approaches

Innovative technologies have found their way to the maritime transport sector as they minimize the costs and maximize the benefits in everyday operations. At the same time, these new technologies enhance the interconnectedness of core port and shipping operations to the whole supply chain. As such, any interruption to the core of these operations may have a consequent knock-on effect to the wider economy and industries related to the supply chain, as illustrated in the CyRiM Report [1].

Despite the increasing numbers of cyber incidents to corporate networks and data, the maritime transport sector is rather slow in addressing cyber risk [2]. Well-established regulations and guidelines have been implemented for decades on topics such as environmental and crew safety and, more recently, on ballast water management; these risks are tangible. However, cyber risks are different. Their intangible nature means that their consequences are not palpable; therefore, it is difficult for them to be initially identified and addressed. Infected applications, computers in the office, or operational technology (OT) systems on board may continue to operate without any noticeable performance issues. Unlike any other risk, when a cyber breach occurs, it can affect the entire infrastructure of an organization, including its fleet and offices around the world.

This threat landscape will only grow, as ships at sea increase their connectivity, exchanging data so they can increase supply chain visibility and performance. Unfortunately, while connectivity solutions have evolved, achieving greater resilience, a single specific vulnerability in one industry or organization can swiftly cascade to affect other industries and organizations due to the lack of appropriate security controls [1].