Today we want to focus on a very important issue in our sector and how we have dealt with it: cybersecurity. We had already looked at the problem in the maritime area from some years now, studying the experiences of other sectors on the same issue, even before the threat hit the shipping system.
In 2017, the expert Raul R. Walters, Director of the Global ABS CyberSafety program, has announced the imminent arrival of cyber attacks that would undermine the security of our sector at multiple levels. During the same years, we’ve made official our company project management with the aim of providing PB Tankers with a structured maritime cybersecurity system capable of protecting its ships and its network.
We have therefore created a working group within our company organization chart, including the skills of Information Technology, Operational Technology, Quality Systems, Ship Security, Electronic and Instrumental Navigation, Insurance with these goals. We formed a team, operating both in Rome and in Palermo, coordinated by the figure of the CSO of PB Tankers, to which the assignment has been submitted to develop a detailed analysis of the vulnerabilities of the systems, appraising the risks of it and proceeding in the development of an effective cybersecurity plan.
The priority of our project was to establish a defensive strategy able to counteract the two main cyber threats in the area of maritime transport: cyberpiracy and cyberspying. As regards the security of ports and ships, the strategy included protecting goods from theft, smuggling and computer hacking to defend shipments from being detected, intercepted and manipulated by cyber pirates. To safeguard the Company’s headquarters, a security plan was set up to shield data and sensitive information at the center of a possible cyber espionage attack, which is often used as an instrument to achieve an industrial advantage.
After a careful analysis of threats, risks and vulnerabilities, our team promptly identified the necessary actions to mitigate critical issues: the plan included various initiatives from training for ground and on-board personnel to the adoption of software and hardware dedicated to the recognition and interception of potential threats, as well as the drafting and the promulgation of best practices to be followed for the use of corporate and private devices at our disposal (laptops and mobile phones).
Consciousness and innovation are, therefore, the central elements that immediately distinguished the maritime cybersecurity management plan developed by our team, which outlined a policy aimed at personnel education and the use of modern and effective technologies in order to protect sensitive informations and goods.
The information system in the world of maritime transport can, in fact, be extremely vulnerable to potential attacks, considering that to date, around 30,000 boats worldwide have equipment that provides constant internet access: a constantly evolving number, considering that in 2008 there were only 6,000. Furthermore, the global nature of business relationships and the diversity of operational activities expose the industry to a wide range of cyber security threats.
An example of this vulnerability lies in the fact that many shipping companies rely on numerous local partners around the world, exposing back-end system links and information flows that are sensitive to potential local security weaknesses.
In May 2018, we formalized the cybersecurity manual and the procedures became operational both on the ground and on board. After the first six months, we have analyzed the results and planned the expansion and strengthening of the procedures to guarantee increasingly effective and complete protection. Today we are ready to improve the work done so far, because constantly improving is in the DNA of PB Tankers, well impressed in our team work values: Courage and strive to be better!