Cybersecurity resilience for the Maritime sector with MCERT
The maritime sector is replacing many traditional paperwork-intensive activities with digital solutions and innovations in technology. This brings greater vulnerability to cyber risks and threats. A number of significant developments have been made to counter these threats.
The UK has a rich history as one of the world’s leading maritime nations and the maritime sector continues to have a critical role as a primary facilitator of global trade and significant contributor to the UK economy.
Around 95% of British imports and exports in goods are moved by sea, including 25% of the UK’s energy supply, and 48% of the country’s food supplies.
Maritime business services directly contribute £2 billion Gross Value Added (GVA) to the UK economy. When impacts on the wider economy are accounted for, including the rest of the maritime sector, this rises to nearly £5 billion.
The City of London is a global leader in this area, with the largest share of worldwide marine insurance premiums and shipbroking transactions occuring in the UK, comprising 35% and 26% of the global market respectively (as detailed in the Department for Transport publication, January 2019 – Maritime 2050, Navigating the Future).
The maritime sector digitises
However, our world is changing dramatically and, like many other industries, the maritime sector is beginning to embrace digitisation and automation in order to benefit from operational efficiencies and productivity. Over the last few years, centuries of traditional, costly, paperwork-intensive activities and ways of working have been replaced by digital solutions and innovations in technology, on land and at sea. With this progress has come greater exposure and vulnerability to cyber risks and threats.
Cyber attacks in the maritime sector
The maritime sector has been making global headlines of its own over recent years with cyber incidents such as Maersk, Clarksons, Cosco, and ports including Barcelona and San Diego, to name but a few that are actually in the public domain. Still, the sector has been notoriously slow to adapt and respond to the cyber issue; Lloyd’s of London has warned that a serious cyber attack could cost the global economy more than £92bn, as reported on Information Age.
Addressing this agenda, therefore, is imperative for any nation or organisation seeking to be part of a prosperous maritime industry.
UK government ‘Maritime 2050, Navigating the Future’ report
It is therefore apt that, at a time when the UK is looking to reframe its relationships with Europe and the rest of the world, the UK government has launched its ‘Maritime 2050, Navigating the Future’ report.
At its heart, the report highlights ten core Maritime 2050 Strategic Ambitions. These aims reflect the importance of innovation, academia, security and stakeholder partnerships in continuing to develop and maintain a resilient maritime ecosystem.
International Maritime Cyber Centre of Excellence (IMCCE)
One significant development supporting these criteria is the establishment of the International Maritime Cyber Centre of Excellence (IMCCE), an industry initiative spearheaded by UK cyber security specialists Templar Executives in partnership with leading maritime player Wärtsilä. The IMCCE consists of the Templar Cyber Academy (T-CAM) to raise awareness and address the skills gap in the industry and a Maritime Cyber Emergency Response Team (MCERT).
MCERT provides Cyber Security incident response
With the support of key stakeholders drawn from the shipping and marine insurance world, MCERT has been created to enable the reporting of cyber incidents and to provide real-time assistance to members during a cyber incident. It also provides proactive support such as intelligence feeds and daily threat alerts and is onboarding more industry partners to supplement a global, 24-by-7 remediation capability – in essence offering tailor made solutions for the maritime sector, by the maritime sector.
The timing of the initiative reflects the increasing threat. In their 2018 Maritime Cyber Security Survey, publisher Fairplay and maritime industry body BIMCO reported that a fifth of respondents had been the victim of a cyber incident, with 72% of them stating that their companies had also been the victims of cyber-related crime.
Cyber Security resilience across the maritime ecosystem
Established in less than a year, with hubs in Singapore, London and Eastern Europe so far, the MCERT is an industry phenomenon. It offers a capability to help enable cyber resilience across the entire maritime ecosystem, including shipping, services, ports, refineries, terminals, support systems and leisure marine, and is already receiving support from marine insurers who recognise the changing risk landscape.
Maritime Cyber Security offerings had previously focused on the risks to ship systems at sea. MCERT recognises not just the risk to vessels on the water, but also those likely to impact operations at corporate headquarters and other areas of the supply chain, ensuring that no single aspect of the maritime ecosystem is left without support – from crew and vessel safety to safeguarding a company’s data and bank accounts, whatever the size of organisation.
MCERT provides a step change in capability and offers the maritime sector access to the necessary expertise to gain an acceptable baseline of cyber resilience whilst helping stakeholders avoid so many of the cyber-related incidents that other sectors have had to face on their journey to digitalisation.
If you are interested in becoming an MCERT member, or offer services to the maritime industry and wish to become an MCERT supplier, please contact us on info@maritimecert.com
Anu Khurmi
Director
See also:
Cyber resilience: advice from leading figures
Cyber security basics from Will Geddes