testata inforMARE
Cerca
11 May 2025 - Year XXIX
Independent journal on economy and transport policy
20:53 GMT+2
LinnkedInTwitterFacebook


CENTRO INTERNAZIONALE STUDI CONTAINERSANNO XXXVIII - Numero LUGLIO 2020
CYBER SECURITY

TURNING IMO2021 INTO AN OPPORTUNITY INSTEAD OF A BURDEN

Being a shipping IT professional can be frustrating. You recognise the need to invest in further cybersecurity, but your management team still treat it as a "compliance problem". But perhaps this is a result of the way cybersecurity has been presented to leadership. The dialogue needs to change. IMO 2021 could offer a unique opportunity to reposition cybersecurity as an important enabler of the wider business objectives.

At our recent virtual conference - CyberSecure at Sea - we asked ~120 shipping IT professionals what was holding them back from rolling out cyber security controls. ~50% pointed toward the struggle with providing their management teams the confidence that they are spending wisely on cyber security or that investing in additional resources to manage cyber risk is required at all. It is clear there is a misalignment between what IT professionals know is needed and what leadership believes is the risk.

Management teams in shipping believe cyber security is mainly a "compliance problem"

This is frustrating for the IT professional. But it isn't really a surprise.

Management's main concerns are driving up revenue and driving down cost. Maximise chartering at minimal expense. To run a tight ship, any investment that cannot visibly drive either of these twin goals is deprioritised. If the link is not clear, they don't believe it or they don't understand it, investing in it is a luxury. So the responsibility falls on the CIO or IT manager to help leadership understand the need and urgency.

But shipping IT professionals still find themselves stuck in a dialogue with management about how to do the bare minimum in order to comply with IMO 2021, instead of how to take steps to properly cybersecure.

From our discussions with shipping IT professionals, we find only 20% are actively engaging with their management to align cybersecurity strategy. In over 65% of cases, the dialogue is either focused purely on compliance or related to purchasing specific cybersecurity solutions. This means that for every 100 interactions that IT professionals have with their management team, 65 of them are either discussing compliance or a point solution.

Interestingly, none of the shipping IT professionals we speak to have a relationship with management where they agree to an annual budget and make the day to day decisions around cyber-security strategy and tactics. So management are making decisions on what cybersecurity controls to put in place on a case by case basis, rather than the IT professionals.

This is why cyber security in shipping is still commonly treated as a "compliance problem" - it is being presented as one.

This mindset is based on false assumptions

The most dangerous one is that shipping is not a targeted sector. If you still don't believe the threat landscape is shifting, then just look at the data - just within the first 5 months of 2020, there were public announcements of cyber attacks on MSC, Anglo Eastern, OSM and twice on Toll Group. While the amount of losses in revenue or remediation costs remain guarded secrets, they have all admitted to significant interruptions in operations.

Another false assumption is that we can achieve vessel digitalisation and worry about cyber security later. The evidence is clear that this simply isn't the case. Just to cite one example, a common assumption is that you can maintain separation of the business, crew and OT networks. So it should be impossible for an attacker to compromise a crew asset, then use that foothold to attack a critical business workstation or OT system.

In reality, in ~80% of vessels CyberOwl has deployed on, we find assets connected to the business network that the IT manager knows nothing about. They haven't identified them in their inventory, have no idea of their nature, did not sanction a connection, had no way of controlling or disconnecting them remotely. Sometimes it is not just 1 or 2 such assets, but 10s of them. In several cases, these unauthorised connections were later discovered to be OT devices linked to a bridge system, the engine room or auxiliary power system.

The relationship between IT and management needs to change. IMO 2021 is an opportunity to get "air time".

IMO 2021 presents a window of opportunity. Management teams have no choice but to make sure their fleet has a cyber risk management system that complies. Instead of approaching the dialogue as a compliance issue, this is the opportunity to frame cyber security as a business issue - an enabler to deliver overall business priorities. Whether this is business efficiency, vessel performance optimisation, remote control and management or crew welfare.

There are useful examples in recent history of leveraging compliance to strengthen overall cyber risk management. According to analysis by Marsh, companies successfully used GDPR as a catalyst, with 78% investing more in cyber security en route to GDPR compliance. A key finding in a 2019 UK government report was that as a result of GDPR, there was a significant increase in the number of businesses putting in place quarterly updates with senior management on cybersecurity, intensifying cybersecurity training and enhancing cybersecurity policies. Essentially, where the opportunity was taken, GDPR had a positive effect in improving executive attention that prompted the related investments.

This window of opportunity won't last forever. Don't squander it.

So how do shipping IT professionals make the most out of IMO 2021?

Shifting the emphasis of the discussion with management is an important start. Turn the conversation from "what we need to do to comply" to "how does cybersecurity support the way we want to work going forward." For example, the need for better remote access control becomes less about the fact it is an IACS recommendation, but more because it reduces the need to get an engineer onboard the vessel.
  • Use IMO 2021 as a catalyst for working more closely with your colleagues in technical, operations and quality. Get a good understanding of their ambitions for improving performance and reducing costs. Use this knowledge to demonstrate how cybersecurity could help them achieve that securely. Link your cybersecurity initiatives with their cost-savings or revenue-gain figures.
  • Quantify the risk within the context of these wider business objectives. Help management visualise the potential loss due to a cyber attack. But make this real to your own organisation and its digitalisation ambitions, rather than using high-level industry report figures. There are various well-recognised methods for quantifying the cyber risk to an organisation. One approach we like using at CyberOwl is the FAIR methodology.
  • Define some key cybersecurity metrics to start collecting and tracking. Begin with a pragmatic, small number that won't drown your resources. At minimum, these should measure the volume of system outages, volume of cyber incidents and some aspect of usage policy abuse, misconfigurations or suspicious behaviour. Gather benchmarks on these metrics from a friendly cybersecurity advisor or a collaborative network of other shipping IT professionals. Present the trends and benchmarks to your management, clearly explaining their implications.
  • Lean on your vendors to help you inform your cybersecurity strategy. It is part of the value and service they bring to you. When you perform trials, treat it as a learning exercise, not just a procurement exercise. Clearly set out what you are trying to learn about your current cybersecurity posture, where the risks are and how you are currently managing them. Share this "list of learning points" with your vendor. They should be helping you learn, rather than just proving to you their cybersecurity product is better than the competition.
Finally, it doesn't need to be a huge transformation programme. Start small and simple. Make some changes. Measure the improvement. Share any good news and small wins. Repeat.

How are you engaging with your management on IMO 2021? Get in touch with us here if you would like help or a free consultation on how to reposition the dialogue.

hellenicshippingnews.com
RAILWAY TRANSPORT
Stop, other Regions should follow Abruzzo's example by introducing the regional ferrobonus
Rome
LOGISTICS
The laying of the first pillar of the logistics park under construction in Tortona was celebrated
Tortona
The project is scheduled for completion in May 2026.
TRADE
The Customs Free Zone enclosed in Genoa as an opportunity to mitigate the impact of duties
Genoa
Spediporto highlights it
SHIPPING
Taiwan's Evergreen and Yang Ming saw revenue decline in April
Keelung/Taipei
Compatriot Wan Hai Lines' turnover grows
SHIPPING
In the first three months of 2025, RCL containerships transported 658,000 TEU (+8.9%)
Bangkok
Revenues up +37.6%
PORTS
The preparation process for the Port Regulatory Plan of Ancona has begun
Ancona
Preliminary verification of the Strategic Environmental Assessment has begun
SHIPPING
d'Amico International Shipping reports quarterly revenue and earnings decline
Luxembourg
Balestra di Mottola: We do not expect any impact on us from any port tariffs applied in the US for ships built in China
PORTS
Towards the final approval of the nomination of Francesco Benevolo as president of the port of Ravenna
Rome
The MIT has forwarded the proposal to the Transport Commission of the Chamber
SHIPPING
The decline in vehicle volumes transported by the Wallenius Wilhelmsen fleet continues
Lysaker
The first three months of 2025 were closed with revenues of 1.3 billion dollars (+3.4%)
PORTS
Shipping agents, customs agents and freight forwarders of La Spezia applaud Pisano's appointment
The Spice
For the presidency of the AdSP - they rejoice - "one of us" has been chosen
PORTS
MIT appoints Bruno Pisano as president of the AdSP of the Eastern Ligurian Sea
Rome
LOGISTICS
DHL Buys IDS Fulfillment
Westerville/Indianapolis
Strengthening the e-commerce segment
YACHTING
V.Ships created V.Yachts to provide its services to large yachts
London
It will be based in Monaco
RAILWAY TRANSPORT
Mercitalia Rail transports scrap iron from Pomezia to steel mills in Northern Italy
Milan
SHIPPING
Finnlines revenues increased by +2.3% in the first quarter
Helsinki
The volumes transported by the fleet are increasing, with the exception of cars
PORTS
NYK to build third car terminal at Barcelona port
Barcelona
Work begins on the electrification of the MSC Crociere terminal
COMPANIES
The Verdane investment fund sells Danelec to the GTT group
Paris
Danish company develops technologies for digitalization of maritime transport
NEWS
Israeli forces attacked the port of Hodeyda
Jerusalem
IDF, measures taken to limit damage to ships
SHIPYARDS
Vard signs new contract with Dong Fang Offshore for OSCV vessel
Trieste
It will be delivered in the first quarter of 2028
MARITIME SERVICES
Collaboration protocol between the Federation of the Sea and WSense
Rome
Among the aims, to promote intelligent and sustainable management of marine resources
MEETINGS
A conference on maritime engineering works and climate change in Rome on Wednesday
Rome
It will be held at the Auditorium Fondazione MAXXI
PORTS
The 2024 general financial statement of the Eastern Adriatic Sea Port Authority has been approved
Trieste
It records a general administrative surplus of almost 283 million euros
INDUSTRY
Accelleron Industries Announces Further Investments in Italy
Baden
The aim is to strengthen technological leadership in fuel injection systems for the decarbonisation of the maritime sector.
LOGISTICS
UAE's AD Ports continues to invest in Egypt
Cairo/Abu Dhabi
Usufruct contract to develop and manage a logistics and industrial park near the port of Port Said
PORTS
The 2024 final budget of the Central Adriatic Sea Port System Authority has been approved
Ancona
Green light from the Management Committee
RAILWAY TRANSPORT
RFI, tender awarded for maintenance and telecommunications enhancement works
Rome
Program worth approximately 180 million euros
PORTS
Contract signed assigning CMA CGM the management of the container terminal at the port of Latakia
Damascus
Investments of 230 million euros expected in the first four years
PORTS
Rizzo appointed extraordinary commissioner of the Strait Port System Authority
Messina
LOGISTICS
DHL Group revenues increased by +2.8% in the first three months of 2025
Bonn
Net profit of 830 million euros (+3.9%)
PORTS
Purchase of area for new cruise terminal in Marghera completed
Venice
It is expected to become operational in the 2028 cruise season.
AVIATION
CMA CGM Completes Acquisition of Air Belgium
Marseille/Mont-Saint-Guibert
Mazaudier: Strengthen our air capacity with immediate effect
PORTS
In the first three months of 2025, freight traffic in Albanian ports decreased by -1.8%
Tirana
Passengers also decreasing (-1.6%)
RAILWAY TRANSPORT
In 2024, 94.4 million tonnes of goods were transported on the Austrian rail network (+2.2%)
Vienna
31.8% of the total volume was achieved on routes longer than 300 kilometres
PORTS
The final budget and the annual report 2024 of the AdSP of Sardinia have been approved
Cagliari
Pilot project for the unified issuing of port access permits for haulers
FREIGHT TERMINALS
Interporto Padova's 2024 financial statements unanimously approved
Padua
Revenues up +7.3%
PORTS
Redevelopment works underway at the agri-food hub of the port of Livorno
Leghorn
Works worth six million euros
SHIPPING
Bluferries is ready to put the new ro-pax Athena into service in the Strait of Messina
Messina
It can carry up to 22 trucks or 125 cars and 393 people
PORTS
Approved the financial statement for the financial year 2024 of the AdSP of the Ionian Sea
Taranto
424.8 million port works completed in the last decade
INDUSTRY
Kalmar reports lower quarterly revenue, higher new orders
Helsinki
In the first three months of 2025, net profit was 34.1 million euros (+2%)
PORTS
Antonio Ranieri is the new maritime director of Liguria
Genoa
He takes over from Admiral Piero Pellizzari who was discharged from the service upon reaching the age limit
INDUSTRY
In the first quarter of 2025, China's CIMC recorded a 12.7% increase in container sales
Hong Kong
Revenues grew by +11.0%
SAILING LIST
Visual Sailing List
Departure ports
Arrival ports by:
- alphabetical order
- country
- geographical areas
PORTS
Last year, the revenues of the Chinese group CMPort increased by +3.1%
Hong Kong
In the first three months of 2025, port terminals handled 36.4 million containers (+5.6%)
PORTS
The financial statements of the AdSP of Western Liguria and the Central-Northern Tyrrhenian Sea have been approved
Genoa/Civitavecchia
INDUSTRY
Konecranes revenues increased by +7.7% in the first three months of 2025
Helsinki
343 million euros of new orders for port vehicles (+37.5%)
LOGISTICS
Kuehne+Nagel posts first quarter of growth
Schindellegi
The logistics group's net sales amounted to 6.33 billion Swiss francs (+14.9%)
PORTS
Application by TDT (Grimaldi group) for the construction and management of 50% of the Terminal Darsena Europa in Livorno
Leghorn
The company has requested an extension of the duration of the current concession
PORTS
In 2024, 58 million invested in the modernization of the ports of Livorno, Piombino and the island of Elba
Leghorn
The final budget and the annual report of the AdSP have been approved
PORTS
In the first quarter the port of Valencia handled 1.3 million containers (+3.4%)
Valencia
Transhipment traffic decline
PORTS
EIB advice to strengthen climate resilience of the ports of Volos, Alexandroupolis and Patras
Luxembourg
It will assist port authorities in identifying and managing climate risks
PORTS
The Management Committee of the Central Tyrrhenian Sea Port Authority has unanimously approved the 2024 financial statement
Naples
ASSOCIATIONS
SOS LOGistica will acquire the qualification of Third Sector Entity
Milan
The association currently has 74 members
PORTS
In the first three months of 2025, freight traffic in the ports of Barcelona and Algeciras decreased
Barcelona/Algeciras
INTERMODAL TRANSPORT
Hupac transfers intermodal service with Padua to Novara
Noise
Until now the other terminal was the one in Busto Arsizio
PORTS
Italian Ports:
Ancona Genoa Ravenna
Augusta Gioia Tauro Salerno
Bari La Spezia Savona
Brindisi Leghorn Taranto
Cagliari Naples Trapani
Carrara Palermo Trieste
Civitavecchia Piombino Venice
Italian Interports: list World Ports: map
DATABASE
ShipownersShipbuilding and Shiprepairing Yards
ForwardersShip Suppliers
Shipping AgentsTruckers
MEETINGS
MEETINGS
A conference on maritime engineering works and climate change in Rome on Wednesday
Rome
It will be held at the Auditorium Fondazione MAXXI
MEETINGS
The conference "New sustainable marine fuels - Decarbonize Shipping" will be held in Genoa on Monday
Genoa
››› Meetings File
PRESS REVIEW
Proposed 30% increase for port tariffs to be in phases, says Loke
(Free Malaysia Today)
Damen Mangalia Unionists Protest Friday Against Possible Closure
(The Romania Journal)
››› Press Review File
FORUM of Shipping
and Logistics
Autorità di Regolazione dei Trasporti
Relazione del presidente Nicola Zaccheo
Roma, 18 settembre 2024
››› File
PORTS
PSA SECH has operated the first 400-meter train at Parco Ferroviario Rugna
Genoa
Capacity up to 20 pairs of trains per day
PORTS
The 2024 financial statement of the Eastern Liguria Port Authority was unanimously approved
The Spice
PORTS
The war clearance preparatory to the expansion of the Ravano Terminal in La Spezia is nearing completion
The Spice
The AdSP has invested over 600 thousand euros in it
PORTS
Francesco Rizzo appointed president of the AdSP of the Strait
Rome
He has repeatedly denounced the uselessness of the construction of the bridge over the Strait
NEWS
US aircraft attack Yemeni port of Ras Isa
Tampa/Beirut
38 dead and over a hundred injured
COMPANIES
In 2025 Stazioni Marittime predicts an increase in ferry and cruise traffic in the port of Genoa
TRANSPORTATION
MIT Mobility Report Highlights Rising Demand for Both Passengers and Freight
Rome
PORTS
In the first quarter, cargo traffic in Russian ports decreased by -5.6%
St. Petersburg
Both dry goods (-5.3%) and liquid bulk (-5.8%) are decreasing
ASSOCIATIONS
Andrea Giachero confirmed as president of Spediporto
Genoa
The board of directors of the association of Genoese freight forwarders has also been renewed for the three-year period 2025-2028
PORTS
Study for monitoring vehicular traffic in the ports of Venice and Chioggia
Milan
Order awarded to Circle and Arelogik
RAILWAY TRANSPORT
In Italy, the rail freight transport sector is in deep trouble
Geneva
Fermerci calls for making traffic incentives structural and increasing and for refinancing the incentive for the purchase of locomotives and wagons
SHIPPING
Global Maritime Forum report on optimising ship calls to reduce emissions
Copenhagen
Virtual arrival and just-in-time arrival approaches proposed
PORTS
In the first quarter of this year, container traffic in the port of Gioia Tauro grew by +15.5%
Joy Taurus
Construction of the "Dockworker’s House" has begun
SHIPPING
GNV has taken delivery of the second of four new ro-pax vessels in China
Genoa
"GNV Orion" will be able to accommodate 1,700 passengers and transport up to 3,080 linear metres of cargo
PORTS
After ten quarters of decline, container traffic in the port of Hong Kong returns to growth
Hong Kong
In the first three months of this year 3.39 million TEUs were handled (+2.1%)
SHIPYARDS
Fincantieri acquires stake in WSense
Rome
The ninth FREMM unit "Spartaco Schergat" delivered to the Italian Navy
PORTS
Container traffic at the ports of Long Beach and Los Angeles increased by 26.6% and 5.2% in the first quarter
Long Beach/Los Angeles
Trump's tariffs impact imminent
PUBLICATIONS
The new edition of the Practical Manual of Maritime Traffic has been presented
Genoa
Written by Assagenti, it turns fifty
PORTS
In the first three months of 2025, the port of Singapore handled 10.5 million containers (+5.8%)
Singapore
In weight, containerized traffic recorded a decrease of -1.4%
PORTS
Regulations signed for LNG bunkering at Fincantieri shipyard in Genoa
Genoa
Define the methods of transferring fuel from ship to ship
SHIPYARDS
Historic shipbuilding brands Uljanik and 3.Maj on the verge of extinction
Zagreb
The State confirms its intention to sell the shipbuilding activities at the two sites of Pula and Rijeka
INSURANCE
Cambiaso Risso has completed the acquisition of the French Somecassur
Genoa
The transalpine company specializes in the insurance of super and mega yachts
RAILWAY TRANSPORT
New weekly train service between the port of Gioia Tauro and Verona
Joy Taurus/Verona
Operated by Medlog for the transport of refrigerated goods
RIVER TRANSPORT
EBRD looking for strategic partner for development of Moldovan river port of Giurgiulesti
London
International competition launched
PORTS
Turkish ports set new first-quarter cargo traffic record
Ankara
Historic peak of cargo imported from abroad
PORTS
In the first quarter of 2025, freight traffic in the port of Taranto grew by +37.6%
Taranto
Increase of 854 thousand tons of solid bulk and 265 thousand tons of conventional goods
- Via Raffaele Paolucci 17r/19r - 16129 Genoa - ITALY
phone: +39.010.2462122, fax: +39.010.2516768, e-mail
VAT number: 03532950106
Press Reg.: nr 33/96 Genoa Court
Editor in chief: Bruno Bellio
No part may be reproduced without the express permission of the publisher
Search on inforMARE Presentation
Feed RSS Advertising spaces

inforMARE in Pdf
Mobile