Secure at Sea: Solid plan can mitigate cyber-security issues

Aug 13, 2020 by Corey D. Ranslem

Secure@Sea: by Corey D. Ranslem

Cyber security for the global maritime industry continues to be a concern that most seem to be ignoring. Over the past few weeks, I have read several news articles and columns from experts that say cyber security attacks against the global maritime industry have gone up over 900% during the past three years.

That statistic is staggering, and it also does not appear that many people within the industry care or are doing much to protect their vessels and shore-side assets. In my previous column, I provided an overview of the coming IMO regulations (Resolution MSC.428(98) and additions to ISM plans required for cyber security compliance in 2021. Many experts believe these regulations will be the first of many regarding cyber security as the number of attacks against the maritime industry continue to rise exponentially. These regulations do include large yachts.

There is a simple framework that has been put in place by NIST (National Institute of Standards and Technology) in the United States (the NIST Framework). This standard is the basis for putting together a good plan to help mitigate cyber security-related issues for a vessel, facility, or company.

The standard framework has five parts that are easy to apply to a cyber security-related plan: Identify, protect, detect, respond, and recover.

The first step is to identify all assets, network set-up, OT/IT devices, any vulnerabilities with the network and devices, and who has internal and external access, along with any cyber security-related procedures and how well those procedures are followed. It is a good idea to have an outside organization provide this assessment as they can provide a non-biased opinion of how things look within a vessel or organization.

Once the networks are assessed, look at how that network — along with all the devices, personnel and infrastructure — is protected. One of the major issues found outside of physical security is personnel training. Organizations spend hundreds of thousands of dollars (and in some cases, millions) to protect their network infrastructure but fail to provide basic and recurring training to the people who use that network.

The third step involves putting in place the tools to detect any potential intrusions or malicious activity within the networks. Many firewall devices, routers and network devices have basic security that provides intrusion detection, however these detection tools need to be set up and someone needs to look over the logs to determine what is and is not normal within that network. There are also advanced tools that can be used to monitor the networks along with the endpoint devices within that network for potential vulnerabilities. It is more effective to work with an outside vendor to provide this type of service. Most small companies and vessels don’t have the capability to configure and monitor the output from the detection devices.

The fourth step involves the response to an attack. There are multiple types of attacks from simple to complex and can involve individuals all the way up to state actors. The complexity of the attack is not always determined by the attacker. Part of the IMO regulations involve a response plan to a potential attack. Every vessel, organization and facility should have a response plan in place to immediately deal with the attack and mitigate any long-term damage. This includes having back-ups to critical data, secondary infrastructure to bring online, or alternative communication systems. This also includes the immediate mitigation activities to help prevent the further spread of the attack.

The fifth and final step is recovery. How does the vessel, facility or organization get back to business while putting in place steps to mitigate future attacks? Any entity that has been attacked will do things differently moving forward.

There is always a lot to consider when it comes to cyber security and protection of vessels that move all over the world. If a potential attacker perceives any type of difficulty in attempting to attack a system, he will most likely move to another target. 

The maritime industry has a number of vulnerabilities and threats along with unique challenges. Following a good plan and process will help protect a vessel, just as it’s possible to help protect a house with a security system and a sign in the front yard.

Corey D. Ranslem is CEO at International Maritime Security Associates ( With more than 25 years of combined Coast Guard and maritime industry experience, he aims to enhance the way mariners handle security threats and risk management. Comments are welcome below.


Related Articles

Secure at Sea: Is your vessel ready for IMO’s Cyber Security compliance?

Secure at Sea: Is your vessel ready for IMO’s Cyber Security compliance?

Secure@Sea: by Corey D. Ranslem Cyber security threats continue to be one of the top threats facing governments, businesses, and private individuals around the globe with attacks increasing …

Secure at Sea: Yachts, yards may be liable for inadequate network security

Secure@Sea: by Corey D. Ranslem Cyber security issues are a dominant part of world headlines on an hourly basis. Attacks continue in almost every industry and location of the

Shut down and stranded: Pandemic realities for those who work at sea

Delays, cancellations, restrictions, closures, quarantines, and last-minute changes have become the norm in the past 18 months. For crew, the fallout has been

Rules of the Road: More to choosing flag than its color

Rules of the Road: More to choosing flag than its color

Rules of the Road: by Capt. Jake DesVergers Registration of a yacht is an important function toward the overall safety and security of maritime transport. While seen as a

Secure at Sea: Disaster response calls for extra steps

Secure at Sea: Disaster response calls for extra steps

Secure@Sea: by Corey D. Ranslem The hurricane season this year hasn’t been particularly busy when it comes to the number of storms and systems, however, it has been devastating

Secure at Sea: Guide helps set up cyber security plan

Secure at Sea: Guide helps set up cyber security plan

Secure@Sea: by Corey Ranslem Cyber security is a hot topic. It’s  become one of the most dominant and expanding threats to the maritime industry, and it’s increasing at rapid