Mark Sutcliffe, Founder of CSO Alliance, is pleased to announce an industry collaboration to combat cybercrime in shipping by creating a global reporting portal.
The rapidly evolving cybercrime threat facing maritime
In an environment where 90% of everything transported goes by sea, and where the trend is for increased digitalisation of ships and communications, the Maritime industry is now confronted with a growing threat from well financed International cyber criminals.
Cybercrime can no longer be dealt with by any one government, the threat is dynamic, rapidly evolving and multiplies when a weakness is identified. All our budgets, be it government, ship owner, port or suppliers in the global maritime supply chain are under cost pressure. This is compounded by the fact that in the shipping industry there is a culture of under-reporting crime. There is currently no global organisation structured to anonomise the incident reports and provide useful analysis of the data.
Industry collaboration to create a Cyber Crime Incident Reporting Portal
The collaborating partners have the same ambition and shared values, and have agreed to combine their ideas and experiences for the benefit of all. BIMCO is representing Ship Owners, North P&I Club for the P&I sector, The Republic of the Marshall Islands Maritime Administrator a Flag State, and DNV GL for Classification Societies. They are simply the first companies in each sector and welcome others to join the project. To add over 20 years of hard won transport sector cyber experience CSO Alliance has partnered with a major European aeronautics and cyber defence industrial company. They are pleased to provide their knowledge and support, acquired through their aviation experience, to better assist in the protection of maritime critical assets and infrastructure.
This Coalition of partners is strongly supported and encouraged by regulators, and global military intelligence providers who understand the urgent need to work together with CSO Alliance towards their goal of “Security through community”.
How and why the cyber crime reporting portal works.
A pilot website will be crafted by CSO Alliance technology partner Wididi (https://www.wididi.com/) who will bring experience from designing, building and operating a cybercrime reporting portal with the UK Gloucestershire Police https://www.safercybergloucestershire.uk. Wididi specialise in digitally streamlining processes and information around people – with a particular focus on security and privacy. The portal will provide the membership with curated cyber information, news, best practice, advice on handling incidents, tools and, importantly, live statistics on cyber and other crime. (see example report at the end of this article)
A confidential forum will allow communication between members, the exchange of experiences and the sharing of advice on dealing with particular threats.
The website will provide a tool for analyzing malware and, perhaps most critically, it will allow for the anonymous reporting of incidents. This feature can eliminate worry about consequences to an organisation’s reputation, while enriching data on types of threats and enabling rapid alerts on emerging risks to the entire industry.
We will start trials of a beta system during the summer to enable CSO Alliance members and additional partners to engage with the pilot. Additional features are planned, including big data reports and analytics, fusion of satellite imaging and location services.
The delivery provides access to a range of online tools to support a company information security or technology officer to effectively assess the safety and security impact and rapidly mitigate evolving cyber risks.
Building on the proven platform of CSO Alliance
CSO Alliance is a global, members-only risk management vehicle for all shipping sectors to drive best practice to combat maritime crime through forming a community, including leading military sources, to exchange ideas and information. Designed by CSOs for CSOs it takes valuable human interactions that occur when CSOs meet and embeds them in a secure online platform that is available 24/7/365.
CSO Alliance is collaborating with industry partners, to bring their learning and experience to the increasingly pertinent field of cyber security.
We are building up valuable data which we convert into easy to understand intelligence, which is all included in the annual cost effective membership fee. Our industry partners invite CSOs, CTOs, CISOs and other interested parties to join us to share ideas and information so we can combat maritime crime in all its forms – together and more effectively.
We are receiving active support from infrastructure investors, ports, regulators, and other institutional participants such as police, military and coastguards.
In recognition that the very first step is to create awareness with seafarers and office staff, CSO Alliance is proud to sponsor the free to read Be Cyber Aware at Sea monthly newsletter, https://www.becyberawareatsea.com.
Our partners believe this initiative will provide new and welcome tools for the industry.
Quotes of support from our Industry Supporters:
BIMCO, North P&I, The Republic of the Marshall Islands and DNV GL.
All collaborating partners have the same ambition and shared values to ensure this opportunity is fully supported and developed. All have agreed to support the widening of the support throughout industry, so that we work as one to combat organised crime.
Phil Tinsley, Head of Security.
Awareness of cyber security in the industry is definitely increasing, but there remains a requirement to share information and learn from incidents. The development of a secure cyber incident reporting portal makes complete sense and is the only way the industry can develop their own security measures to ensure serious incidents are prevented in the future.
The development of a secure and anonymous portal, which is easily accessible, will enhance the protection and safety of ships – a fundamental aim of BIMCO’s approach to maritime security.
Contact Philip Tinsley email@example.com
North P&I Club:
Colin Gillespie, Deputy Director of Loss Prevention.
Cyber-crime is a rapidly growing threat in all industries and shipping is not immune. North P&I Club believes that ship owners and other maritime businesses must act to protect themselves and the wider maritime supply chain from attacks. The launch of the Cyber Alliance is a welcome and timely development which complements the CSO Alliance. North P&I Club has partnered with CSO Alliance to provide its Members a reduced price to join which allows them access to security related information sharing. By also sharing and disseminating cyber security information and best practice it can help to better protect owners from cyber-crime and contribute to vessel safety.
A maritime cyber-crime reporting portal can identify cyber-attacks and hinder their propagation by alerting users to their presence. Shipping has traditionally been a secretive industry and no one really knows to what extent cyber-crime has affected individual companies in the maritime supply chain. Sharing cyber security information will require a move away from a traditional preference for secrecy – the question is ‘Can the industry afford not to share?’
North believes that a strong cyber alliance and a high level of confidential and sometimes anonymous reporting will help protect our industry from cyber attacks.
Contact Colin Gillespie firstname.lastname@example.org
Kim Heaselden email@example.com
The Republic of the Marshall lslands (RMI) Maritime Administrator:
Evan Curt, Deputy Commissioner of Maritime Affairs, commented that the RMI Maritime Administrator is fully committed to promoting maritime cyber risk awareness, innovative information sharing solutions, and collaboration among the maritime security community. Awareness is the first step to implementing an effective cyber risk management strategy.
Contact Evan Curt firstname.lastname@example.org
Following the publication of the Recommended Practice (RP) on “Cyber Security Resilience Management” to help the industry address potential cyber hazards, DNV GL has confirmed through various maritime cyber security risk assessments and advisory work, that there are a lot more incidents out there than reported.
Patrick Rossi, Senior Cybersecurity Service Manager at DNV GL – Maritime, commented: “We at DNV GL are very pleased to be a partner in this collaboration. The Cyber Crime reporting portal is the platform we were looking for, something that offers shipping companies an anonymous and safe way for coming together to monitor cyberattacks around the world, without exposing sensitive data. In a time when maritime assets and their systems are becoming increasingly interconnected, it is essential to monitor possible threats consistently and share the most effective ways of tackling them throughout the industry.”
Contact: Patrick Rossi Patrick.Rossi@dnvgl.com
Example of a Cyber Report
The ship owner has agreed to release this data and I think once we build understanding and awareness of the platform more incidents will flow, we know they are out there.
In this case the outgoing and incoming chief officers exchanged a USB which crashed the ships computers and incurred a two day delay as the systems reconfigured, the location, type of incident are accurate as is the month and year, we have changed the day and the IMO number. This is a representative example, but we can rapidly build and visualise the data and reporting which will make sense for CTO/CIOs.