SDSD logo
SDSD - Customer care services

If you’d like to book a call back from one of our consultants please click the “Book a Demo” button below.

Image Alt

Improving Cyber Resilience

Background

Maritime cyber security threats have increased dramatically during 2020, as COVID-19 has led to higher dependency on digital connections and internet on board. A recent survey by IHS and BIMCO revealed that 31% of respondents experienced a cyber-attack, compared to 22% in 2019. The most common attacks were: Phishing (68%) Spear Phishing (41%) Malware (33%).

This short survey is to find out if clients have created cyber-risk plans to meet the IMO 2021 deadline and to assess where they struggle with cybersecurity within IT and OT onboard vessels and on shore.

Contact Name

First Name *

Last Name *

Contact Details

Telephone *

Email Address *

Company Name *

space

1. Have you experienced any form of cyber-attack in the last 12 months?

Yes
No

space

2. To the best of your knowledge what was the source of the attack?

Phishing
Malware
Your own people
Other (please explain)

space

3. IMO requirements stipulate that cyber risk management must be included in the Safety Management System by January 2021 or face vessel detentions. Are you satisfied that your ISM now includes the cyber risk assessment and documented processes required in line with the IMO requirements?

Space

4. If not why?

space

5. How did you carry out your cyber risk assessment?

Did you use an external consultant
Class Society
Internally

Space

6. What actions have you taken (or plan to take) since carrying out your cyber risk assessment?

Properly documented inventory of network access and vulnerability
Investment in security software
Investment in monitoring services
Improved IT and OT network segregation
Cybersecurity training for crew and office staff
Properly documented procedures and contingency plans
Cybersecurity drills added to the regular rotation of safety exercises

Space

7. Which areas of cyber risk assessment within your ISM do you need more assistance in order to be compliant with the IMO guidelines. Refer to Q6.

Space

8. Research shows that the maritime industry lags behind other industries in cyber resilience, why do you think this is the case?

Issue not taken seriously at board level
Seen as unlikely/low-level risk in comparison with physical risks on board
Crew understanding of cybersecurity
Lack of training
Perceived cost of assessment and security procedures

Space

9. Do you have a cyber resilience plan?

Space

10. What gaps do you identify in your with cyber resilience plan?

space

Technology

Definition and mapping of IT and OT systems onboard including, crew welfare, operational, bridge and control systems; and definition of connections in and out of the vessel.
Physical security assessment
Vulnerability testing
Detection and analysis
Post-incident analysis and reporting
System protection management including event logging, back up, anti-virus support

space

People

General cyber security/cyber behaviour training for crew and onshore staff
Specialist training for designated cyber person onboard
Supporting training exercises e.g. cyber emergency drills
Support defining roles and responsibilities

space

Process

Update procedures and policies to reflect cyber risk and best practice
Support through fleet management software to maintain policies for ISM inspection

space

Space

Would you like to hear about other SDSD products and services that may be of interest to you, via our marketing emails please let us know by opting into our communication

Space

Space