Maritime Cybersecurity Takes A Big Step Forward

Uploaded on 2018-11-26 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel

The international shipowners’ association, BIMCO will introduce a cyber security clause into its charter party agreements and other contracts to include the need to protect both IT and OT-based systems onboard ship.

The BIMCO decision follows a recent spike in high-profile cyber-attacks, such as those involving Maersk, COSCO, BW Group and broker Clarksons. It is anticipated that the cyber clause will be included in BIMCO contracts from May 2019.

Asaf Shefi, CTO of Naval Dome, the Israel-based developer of the award-winning Endpoint cyber security platform welcomed this imprtant step. 

“That the BIMCO cyber clause will precede the 2021 entry-into-force of IMO Resolution MSC.428(98), which will see cyber security measures included in the ISM Code, is very welcome news. The decision suggests that shipowners are now unwilling to wait for the regulators to implement change and are taking immediate action themselves.”

“While IT-related cyber protection is crucial to mitigating against fraud and data theft, the inclusion of Operation Technologies means that shipowner realise that critical systems – navigational, machinery and hotel systems – also need protection to prevent threats to crew, passenger and vessel safety,” said Shefi.

With the market proliferation of maritime cyber solutions, however, Shefi pointed out that a careful evaluation of the technologies available is required before any investments are made.

“Most cyber security systems just protect IT. Naval Dome Endpoint is the only cyber security system capable of protecting both IT and OT systems. As all shipboard systems are linked and inter-connected, BIMCO members should be aware that each individual IT and OT system onboard needs its own protection.”

It is the potential inclusion of a cyber liability clause, however, that Naval Dome CEO Itai Sela singles out for particular praise.

“The problems shipowners face insuring their PC-based systems against cyber attack has been well documented, but this issue could be resolved with the BIMCO clause.”

BIMCO has said that liability for claims would be limited to US$100,000 unless a different amount is agreed during negotiations.

“This could mean that the end result of a cyber attack may not necessarily be put down to technical failure or human error – as these things frequently are. It could also make the introduction of cyber insurance-related policies a potentially more attractive proposition for the insurer,” said Sela.

“At the very least, the new cyber clause will ensure parties are required to notify one another so that they can take the necessary precautions. It will ensure that contracted parties have procedures and systems in place to help minimise the cyber threat.”

You Might Also Read:

The Maritime Industry's Slow Boat To Cybersecurity:

Cybersecurity At Sea:

 

« Russian Hackers Have New Phishing Tricks
Cathay Pacific Admits Cyber-Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

Axiomatics

Axiomatics

Axiomatics provides dynamic authorization and access control solutions to protect critical data assets.

Nethemba

Nethemba

Nethemba provide pentesting and security audits for networks and web applications. Other services include digital forensics, training and consultancy.

NordForsk

NordForsk

NordForsk facilitates and provides funding for Nordic research cooperation and research infrastructure. Project areas include digitalisation and digital security.

Sysorex Government Services

Sysorex Government Services

Sysorex Government Services helps customers meet their strategic missions by providing secure, optimized IT solutions that allow them to perform more efficiently and effectively.

CipherMail

CipherMail

CipherMail provides email security products which allow organizations world wide to automatically protect their email against unauthorized access both in transit and at rest.

Naukrigulf

Naukrigulf

Naukrigulf.com is one of the fastest growing job sites in the Gulf, with thousands of registered job seekers and a robust CV database across many sectors, including cybersecurity.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

MPC Alliance

MPC Alliance

A consortium of developers and practitioners of multiparty computation (MPC), committed to accelerating market awareness and adoption of MPC to increase the security and privacy of online services.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

Tabidus Technology

Tabidus Technology

Tabidus Technology is a cybersecurity association that unites and provides the global protection options against cyber threats.

Omantel Innovation Labs

Omantel Innovation Labs

The Omantel Innovation Labs is a platform to enable startups and innovators to develop and commercialize solutions within selected technology verticals including cybersecurity.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

Aegis Cyber Defense Systems

Aegis Cyber Defense Systems

AEGIS is a powerful cybersecurity tool that can help protect your devices and networks from cyber threats, and increase performance.

XBOW

XBOW

XBOW brings AI to offensive security, augmenting the work of bug hunters and security researchers.