Shipping is eternally one of the world’s most underrated and overlooked industries. For a business that transports 80% of the planet’s energy, commodities, and goods, it disappointingly slips under the radar when it comes to industries that have to be protected. However, this sleeping giant of an industry is slowly waking from its slumber and beginning to take action of its own. Authorities across the sector, IACS and Maritime and Port Authority of Singapore included, have begun to take cyber security seriously and strategise their responses.

The risks for trade

The absolute worst question to ask anyone working in risk or cyber security has got to be: “Come on, what’s the worst that could happen?” In maritime trade, the worst that could happen is an absolute catastrophe! Ships are responsible for transporting such a massive volume of goods around the world that even a small incident could have a tangible onward impact on millions of lives as goods disappear from shops for a short while, or prices even rise slightly due to a local shortage.

This was never seen clearer than the 2017 cyber attack on Maersk which disrupted their global network, which accounts for 15% of all seaborne trade. The delay affected hundreds of millions, with Mumbai, New York, Los Angeles and Europe’s superport of Rotterdam all feeling the brunt of Maersk’s lax cyber security.

Thankfully, it is since this incident that the renewed emphasis on proper risk management and cyber security, which have gone hand in hand, has emerged in the sector.

How to defend yourself?

Proper risk management and cyber resilience always requires an approach that prepares for every possible eventuality. In the past, this would have taken hundreds of hours to manually prepare for, but in this modern world of rapid technological innovation it is much easier to find systems that can identify, assess and manage risks on both the physical and logistical sides of the network.

The goal is to develop risk infrastructure that combines all this with an incident response programme which keeps continuity in the business while the incident is dealt with.

Firms can also improve their own situations by working alongside their peers to build collective security, building ecosystems of risk management that only work to improve the risk management of the sector as a whole. When it comes to cyber security, there is no danger in working alongside those one would normally label competitors, as the enemy is a common one.

What does the future hold?

The future of cyber security does look bright. With the fiascos of high-profile incidents like Maersk in 2017 in the past, and the International Maritime Organisation ruling that cyber security must form part of Safety Management Systems by 2021, changes will be made in the very near future.

The focus will rest on the development of bespoke systems for the industry, as it has become clear that generic infrastructure does not have the depth nor the breadth to cover the needs of the sector. The sheer expanse of what shipping includes makes it a challenge for any protection system. Personnel, cargo, ships, logistics, IT and ports all have to fit under the proverbial umbrella, with each aspect requiring its own cyber security solution to fit its needs.

The challenge is massive, but we have all the faith in the world that this puzzle will be solved.