Cyber security has become a central concern for the maritime industry due to digitalisation and greater exploitation of IIoT increases the risk. Shipping’s vulnerability to cybercrime was highlighted by the NotPetya virus in June 2017, whose impact is estimated to have cost one of the largest shipping groups in the world $50 million.

Its spread may explain why cyber security fears in this research focus on inward-facing matters such as data storage methods (55 per cent), poor network security (50 per cent) and potential mishandling/misuse of data (44 per cent), rather than targeted attacks (39 per cent).

HOW MATURE IS THE MARITIME SECTOR'S APPROACH TO IIOT SECURITY? (%)

Laggards
Starters
Progressives
Leaders

HOW MATURE IS THE MARITIME SECTOR'S APPROACH TO IIOT SECURITY? (%)

Laggards
Starters
Progressives
Leaders
87%

felt that they could improve their data handling processes

Some 87 per cent of maritime respondents either strongly agree or agree that their organisation’s processes to protect against data mishandling could be improved.

Whether justified or not, maritime also counts itself as one of the least exposed to external security challenges that might emanate from supplier or partner data regulation and compliance requirements (16 per cent of respondents) when measured against other sectors.

WHAT ARE THE BIGGEST SECURITY CHALLENGES ASSOCIATED WITH THE USE OF IIOT SOLUTIONS WITHIN YOUR ORGANISATION? (%)

Insecure storage of data collected
Poor network security
Potential misuse of data by employees
Risk of external cyber attack
Internal compliance requirements
Supplier/partner compliance requirements

WHAT ARE THE BIGGEST SECURITY CHALLENGES ASSOCIATED WITH THE USE OF IIOT SOLUTIONS WITHIN YOUR ORGANISATION? (%)

Insecure storage of data collected
Poor network security
Potential misuse of data by employees
Risk of external cyber attack
Internal compliance requirements
Supplier/partner compliance requirements
72%

agreed their efforts to combat cyber threats could be stronger

While the threat to cybersecurity may not principally derive from targeted attacks, 72 per cent of maritime respondents nonetheless either agree or strongly agree that their organisation’s processes to combat theft or malicious damage to hardware, software or the information on them could be stronger. Meanwhile, 53 per cent believe that more security skills would help deliver IIoT based solutions.

However, maritime is significantly behind the curve when it comes to addressing its own security skillsets: only 37 per cent of respondents report initiatives to improve security training, with only 25 per cent working on new IIoT security policies and just 18 per cent using skilled security staff.

Cyber-security fears focus on inward-facing matters such as data storage

One reason for relatively low activity to address security vulnerabilities in the maritime sector may be that 56 per cent of respondents say that the Chief Information Security Officer (CISO) is simply not involved with the organisation’s IIoT initiatives. While 32 per cent of respondents answering in this way think that individual should be, a remarkable 24 per cent think that the CISO does not need to be involved in IIoT-based solution development at all!

Further analysis of data indicates that 77 per cent of maritime respondents are identifiable as ‘laggards’ or ‘starters’ when it comes to changes made or intended to address IIoT security concerns.

Meanwhile, the better informed maritime respondents appear to be putting their faith in IIoT-based smart security management: while no respondent reports having IIoT-based smart security management and only 2 per cent are trialling such an approach, 34 per cent say they will deploy within 12 months.

FOR MORE INFORMATION ON THE RESEARCH, DOWNLOAD THE REPORT - INDUSTRIAL IOT ON LAND AND AT SEA: MARITIME

Press enter or esc to cancel