Making Shipping Less Vulnerable to Cyber Attacks
Digital technology has brought significant benefits to the maritime industry, but as a result of these technological advancements, maritime systems and infrastructures have become vulnerable to cyber threats. Recent studies show there has been a 400% increase in cyber-attack attempts made in the maritime industry in recent years and staggering 900% increase in attacks on operating technology. With the alarming number of cyber-attacks within the shipping industry on the rise, International Maritime Organization (IMO) has emphasised the need for implementing precautionary measures to prevent the associated risks.
One company that is helping the industry to address such issues and put preventative measures in place is Constellation Inspection Marine Transport LLC, a subsidiary of Constellation Marine Services LLC. Since 2007 Constellation has been incorporated in the Emirates of Dubai, Abu Dhabi and Fujairah, with a head office in London and liaison offices in Germany, Netherlands, Singapore, China and Africa.
Niche Skills
Merzyan Bhamgara, Head of Cybersecurity, says, “With over 20 years
of experience in marine information technology, we have the niche
skills required to identify issues and facilitate compliance with
information security requirements. We offer an end-to-end, and highly
cost effective. cyber security solution covering onshore and offshore
assets, based around a classification endorsed training module.”
Merzy says that despite the recent increases in cyber-attacks there is still an unwillingness in the industry to take preventive measures, which leaves ship-owners and operators very vulnerable. He says, “At Constellation we are constantly engaging with the maritime asset owning companies to highlight the risks of not being compliant with regard to cybersecurity.”
Since January 1st 2021 compliance with cybersecurity provisions is mandatory in line with the IMO 428 mandate. Merzy adds, “Our cyber solutions umbrella includes services which bring in continuous monitoring, compliance and overall governance. We also provide website security, development and hosting on a secure network with search engine optimisation.”
The classification approved cybersecurity training offered by Constellation is capable of combining the so called three pillars of cybersecurity - people, processes and technology - into an easy to navigate interface. “Non-compliance with cybersecurity requirements is now a detainable deficiency,” Merzy points out." The industry needs a paradigm shift and ship-owners and operators must embrace cybersecurity as part of their Safety Management Systems”
Unfortunately, in Constellation’s experience the fundamental requirements of IMO 428 are still not well understood by the industry, as a result make shift arrangements are seen as a trend. According to Merzy, “Cybersecurity has to be implemented to safeguard the potential effects on the shipping company, the vessel, personnel, the environment and cargo.
Industry Understanding
Another key member of the team is Capt. Zarir Irani, Director Constellation Marine Services. He adds, “We understand the domain area of rigs and ships better than most other IT service providers. Understanding shipboard operations, priority and management of information flow is key to our successful minimal duplication or interface solution for cybersecurity compliance”, this is our key differentiator. With our domain area expertise and strong team of auditors, security managers, master mariners and naval architects, we are able to help companies navigate a way through their own particular cyber requirements.”