Cyber security should be prioritised reveals industry expert

Cyber security is not a priority.  According to Colin Gillespie, Deputy Director, Loss Prevention North P&I, the threat of cyber-attacks is not something high on ship owners and regulators’ agendas and this creates confusion for owners when it comes to responding to the threat.

He revealed this during an Immediasea shipping debate forum on Cyber Security in The Maritime Industry: Fighting the New Wave of Piracy, which was held at the Baltic Exchange Centre in London yesterday.

While there is definitely some awareness of the problem, the main issue lies in the fact that it is difficult to quantify and there is not enough information yet available on it.  This means that it is difficult for ship owners and insurers to determine how to deal with it and how to respond to it stated Gillespie.

According to the cyber security expert, this makes it very challenging to legislate for.  Regulators might say that you need a system for reducing the risk of cyber-attacks, but not make it mandatory to have one.  At the current time there are no standards and no regulations.  When it comes to response it is therefore very difficult for ship owners to prioritise it, he emphasised. Regulation helps to prioritise maritime issues and responses, but without a regulation, cyber security is often left out.

According to Gillespie, most cyber-attacks are criminally driven, such as smuggling and blackmail, so why isn’t it regulated more? The answer may lie in clause CL380 ‘Institute Cyber Attack Exclusion Clause’, which lies in most insurance policies and essentially states that if hacking occurs then payment will not be given as part of insurance.

The question is now, how should the market respond to this? Should the clause really be in there? asked Gillespie.  While the industry continues to integrate technology and software and the idea of unmanned ships becomes more of a reality, ship owners need to look carefully at their insurance policies and realise that hacking needs to be taken more seriously and measures need to be implemented to reduce risk.  If you have limited cyber security measures, then you are open to cyber hackers and your insurance policy may not cover any incidents that arise from this, reiterated Gillespie.

Furthermore, nobody wants to share experiences of cyber hacking incidents Gillespie revealed.  People are embarrassed and do not want to appear weak, but the best way to learn and move forward is by sharing information and knowledge. What we can do is learn from aviation, he stated.  Within aviation there is more focus on reporting in real-time and using a compartmentalised method to reduce the risk of opening the whole structure to cyber hackers.

It is now essential that we slowly educate the shipping industry in a slow, calm, and structured way in order to minimise cyber security threats and lower the risk of exposure to such criminals, Gillespie concluded.

Ship Efficiency Review News
To contact the reporter responsible for this article, please email editor@fathom-mi.com

Share article:

Dedicated topic pages >>

Other news >>

STAY INFORMED

Stay On Top Of The Transformation Of The Shipping And Maritime Sectors With Our Weekly Email Newsletter.