Last week, the European Union Agency for Cybersecurity (ENISA) published the report “PORT CYBERSECURITY: Good practices for cybersecurity in the maritime sector”. The report focuses mostly on ports’ infrastructure, but it is an important sign that the maritime industry needs to address the threats associated with ongoing digitalization.
The authors list the most pressing challenges which the sector faces, among them a lack of digital culture, awareness training, qualified human resources, complex supply chain landscape and finally IT and OT convergence and interconnection.
Click here to view ENISA's report: 'Port Cybersecurity - Good practices for cybersecurity in the maritime sector.
Actions necessary to mitigate the risks related to the above-mentioned challenges require a holistic approach to risk management. However, while part of them are connected to the organizational security measures, the remaining ones like management of industrial systems and particularly Operational Technology (OT) focus on more technical aspects.
The digitalization, automatization and integration of vessels’ OT with IT systems allows to use more advanced solutions such as on-board sensors, big data analytics, remote monitoring of on- board systems and therefore improves quality of measurements. All this in aim to optimize day-to-day operations and cut costs. These improvements are clearly beneficial for crews and shipowners, but they also raise vessels’ exposure to cyberthreats.
The complex landscape of these systems as well as their interconnectivity makes the task of securing them difficult. Therefore, the maritime sector should rely on accomplished market actors who continuously work to provide solutions and fulfill parts of the industry needs. By doing so, the sector moves away from remediating one-off gaps, towards a more dynamic approach where emerging risks are addressed timely and efficiently.
© 2020 KPMG AS and KPMG Law Advokatfirma AS, Norwegian limited liability companies and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.
For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.