Digital Edition

July10, 2017

Issue link: https://jocdigital.uberflip.com/i/843264

Contents of this Issue

Navigation

Page 61 of 63

TRADING PLACES 62 THE JOURNAL OF COMMERCE www.joc.com Mark Szakonyi JULY 10.2017 GLOBAL CYBERSECURITY STRATEGY NEEDED THE ALARM BELLS have been ring- ing for years, from a cyberattack on the state-owned Islamic Republic of Iran Shipping Lines to organized crime hacking the port of Antwerp. But it took a June 27 ransom- ware attack on Maersk Line that crippled its terminal arm and pre- vented new bookings to bring home the scope of the danger posed to the container shipping industry. The inclusion of Maersk Group in the attack that hit pharmaceutical giant Merck, the Ukrainian government, TNT Express, and other companies shows that scale of risk to the mari- time industry is global. The hand-wringing over the coming weeks will come to much talk and little action if the industry doesn't come to grips with its limi- tations in preventing future attacks. Just as painful is the need for ben- eficial cargo owners (BCOs) and transportation providers to accept that despite their best efforts, there's no guarantee future cyberattacks can be prevented, putting the mali- cious digital disruption on a list that includes severe weather, piracy, and labor action. First, the industr y needs a strategy, as there isn't one on how to prepare and respond to cyberat- tacks, according to the Brookings Institution and the European Union Agency for Network and Informa- tion Security. The International Ship and Port Facility Security gives guidance on how to secure com- puter systems, but how it defines the systems is inconsistent and lacks clarity, Canada has pointed out. The IMO approved Interim Guidelines on Maritime Cyber R isk Man- agement last year, but as its name suggests, it's voluntary, not manda- tory, noted Norma Krayem, a senior policy adviser at legal firm Holland & Knight, in a January report. It's a little more promising on the US port side. The US Coast Guard will soon release highly anticipated policy guidance that will begin mov- ing the agency's oversight of cyber risk from awareness and recommen- dations to actual regulations, Paul Thomas, assistant commandant for prevention policy, said at a shipping conference in Stamford, Connecti- cut, in March, according to Fairplay, a sister product of The Journal of Commerce within IHS Markit. "This new phase beyond aware- ness is focused on the basic compo- nents of governance that we can all use to get at the risks associated with the operations and maintenance of existing cyber systems, and can help mitigate the risks inherent in these systems because of how they were designed and integrated into your ships before you were focused on cyber," Thomas said. More money is needed to help US ports beef up their cybersecu- rity. Roughy $100 million annually is shelled out to ports nationwide, but that isn't enough to expand the focus from the physical to the digital. The American Association of Port Authorities estimates ports need at least $400 million annually. Containers lines also need to step up. Although carriers became aware of the cyberattack threat over the last 12 to 18 months, there's still reluctance to dig into the state of their protections, and then shore them up as needed, said Lars Jensen, co-founder of CyberKeel, a cyber- security services provider to the maritime industry. "This is a situa- tion which is incongruent with the strong drive toward automation and digitization in the industry," he said. But just as a lack of money has prevented carriers from adopting the digitalization BCOs clamor for, the industry's deep losses, along with the resource drain from latest wave of consolidation and new alli- ances, have made it hard for them to upgrade their systems for protection against cyber threats. This is not an excuse, but context that shows that until the container line industry gets on better financial footing, the level of service and abil- ity to keep operating while fending off cyberattacks will be in ques- tion. In fact, carriers' ability to fend off cyberattacks and ensure BCOs delivery of their containers could become a competitive edge. More the pity that Maersk Line's effort to lead the industry into digitalization has been besmirched by the dark side of data revolution. JOC Contact Mark Szakonyi at mark.szakonyi@ihsmarkit.com and follow him on Twitter: @szakonyi_joc. "This is a situation which is incongruent with the strong drive toward automation and digitization in the industry."

Articles in this issue

Links on this page

Archives of this issue

view archives of Digital Edition - July10, 2017