Opinion
How the coronavirus is forcing the shipping industry to make cybersecurity a priority
- Ships plying the world’s oceans play a crucial role in overcoming supply chain bottlenecks stopping the flow of food and medical equipment
- The pandemic is pushing firms to innovate and find ways to remotely perform audits, inspections and other tasks typically done in person
However, the ships plying the world’s oceans play a crucial role in overcoming supply chain bottlenecks in food and medical equipment that have left billions of people in limbo. As we rebuild the architecture of global logistics, securing these essential carriers of humanity’s means of survival should be a top priority.
A quarantined labour force created human resource shortages in one of the most essential activities – moving necessary commodities and goods around the world. As such, the discrepancy between concerns about security for Zoom calls and inattention to maritime security standards is ironic.
05:22
Huawei founder on cybersecurity and maintaining key component supply chains under US sanctions
Global shipping has also been a focal point in efforts to combat rising protectionist measures such as tariffs and export restrictions on medical equipment and food. During this period, 20 major ports signed an agreement to keep maritime trade open, especially for these critical goods, helping alleviate shortages.
The maritime domain, therefore, is critical infrastructure. As the world shifts toward securing a decentralised work environment, it is worth noting a rise in cyberattacks against “soft targets” such as ships and oil rigs.
For example, a hack on Maersk’s infrastructure in 2017, although Maersk was not the original target, cost the company more than US$300 million. Another attack that targeted Cosco in 2018 and an attack on MSC this April similarly led to widespread consequences for company operations.
As cybersecurity services provider to the sector, we are aware of several additional, undisclosed attacks. It is evident that maritime infrastructure must be strengthened in a manner fitting its already decentralised structure.
The same cannot be said for cyber threats, which blur the lines between national security interests and the private sector in ways physical threats do not.
This implies that the insurance industry could be an important market maker for maritime security reforms by putting the onus on the security of digital fleet management in its requirements around pricing and policymaking.
Paradoxically, insurance coverage for cyber issues remains lacking in the maritime space, with even the most well-established underwriters and brokers seemingly reluctant to offer comprehensive products. Gradually, however, this is changing and progressive players in the industry are likely to capitalise on the hesitation of the followers.
Digitising fleet operations and management began before Covid-19, but a wide range of functions that require in-person visits may need remote solutions in the new normal. These include safety audits and inspections, maintenance protocols, hardware and software upgrades and others.
Furthermore, the more complex maritime and port operations become and the more sensitive the cargo, the more we need cutting-edge solutions to safeguard digital integrity. In essence, ships must be made unhackable.
05:59
Coronavirus: What’s going to happen to China’s economy?
Industrial security, including critical operational technology, can no longer be the neglected stepchild of IT policy. Although maritime industries at large, including merchant marine and offshore oil and gas, are process-driven with significant documentation requirements and attuned to system audits, these have traditionally been done in offices or on-board vessels.
The shipping industry must adapt to a world of low oil demand in which it takes on new purposes as well as to forward-looking demands for digital integrity. Consolidation may provide an opportunity to commit the resources necessary to improve cybersecurity across fleets and assets.
In maritime operations, though, vessel hardware is rarely updated. Owners are only beginning to address the issue and should learn from other industries’ experiences. Intensive digitisation, better satellite coverage, lower data costs, new on-board equipment and Covid-19 responses are pushing innovations.
One major priority is business continuity planning, which requires a stronger and more efficient marriage of operational and IT policies. An inherent challenge for business continuity plans facilitating a remote working environment in the shipping industry is that IT has largely never been considered a strategic function within most shipping and maritime organisations. That must change.
The demands imposed by the coronavirus, cyberattacks and oil price crash require nothing less than this fundamental overhaul in how the maritime industry functions.
Parag Khanna is managing partner of FutureMap and author of The Future is Asian. Mikhail Zeldovich is chairman of Cocoon Capital and an investor in the cybersecurity solutions company Oceanshield. Brian Worning also contributed to this article
Recommended for you