Earlier this week, Ince, the international legal and professional services firm, in cooperation with Mission Secure, launched a new integrated cybersecurity solution for the maritime sector as part of what is called InceMaritime. This cooperation offers the industry’s first integrated cybersecurity legal advisory, business consultancy, and technology offering helping ship owners and operators navigate the sector’s greatest challenges and IMO 2021 cyber compliance.
A Time of Unprecedented Change and Regulatory Transformation
The launch of the InceMaritime cybersecurity solution comes at a critical time for the maritime industry.
Cybersecurity remains one of the industry’s greatest challenges, and attacks are becoming increasingly sophisticated by the day. The number of cyber-attacks in maritime has increased by 400% since February 2020, and attacks on operational technology (OT) have increased by 900% over the past three years.
Following the NotPetya ransomware cyber-attack on Maersk in 2017 — which cost over $300 million in losses — there have been a series of attacks on major shipping organizations, including Mediterranean Shipping Co., Cosco Shipping Lines, Carnival Cruise Lines, CMA CGM, and most recently the IMO itself.
Additionally, as of the first of January 2021, the IMO has mandated that ship owners and managers must incorporate cyber risk management and security into the ISM Code safety management on vessels, enforced by Port State Control.
Fully Integrated Maritime Cybersecurity Offering
The launch of InceMaritime is founded on an understanding of the increasing complexities of the maritime industry and the need to provide fully integrated and all-encompassing solutions that enable organizations to respond to the challenges facing the maritime sector.
With InceMaritime, Ince and Mission Secure will provide clients with a fully integrated cyber security offering that protects on-shore and on-vessel OT networks, safeguards operations, and ensures compliance and business continuity. The joint proposition comprises:
IMO Compliance Audit: A full audit of a company’s existing policies to ensure compliance in line with the new ISM Code for Cyber Security Guidelines (IMO 2021).
On-Vessel Cybersecurity Protection: The implementation of the patented Mission Secure Platform, the first integrated platform built for OT cyber protection, which is designed to harden vessels’ control systems networks against cyber threats.
24/7 Cybersecurity Monitoring: The deployment of Mission Secure Managed Services, providing 24/7 cybersecurity monitoring, threat hunting, and incident response support to ensure continual vessel resilience for ship owners and managers.
Cyber Legal Services: Legal and crisis management services in the event of a cyber-attack to mitigate the impact on business and operations.
The integrated offering will provide ship owners, operators and managers with complete reassurance that the significant operational, commercial and compliance risks that they face from the impact of cyber-attacks are mitigated.
Further, it is intended that owners and operators who sign up to the new service will benefit from better insurance terms and preferential premiums. Conversely, protection and indemnity (P&I) clubs and insurance companies will also benefit from a reduction in potential claims.
Cyber-attacks on maritime are on the rise. A full 90% of world trade depends on maritime vessels. This unfortunately makes the maritime industry an increasing target of cyber-attacks and cybercrime. And yet, only 42% of maritime organizations report explicitly protecting vessels from OT cyber-attacks, demonstrating the lack of collaboration between IT and OT domains in maritime.
Regulatory requirements are increasing. But the industry appears unprepared for this regulatory transformation, or at least don’t have an understanding of the threat of cyber-attacks. Today, 64% of organizations report that they are struggling to keep up with the security challenge. And new IMO requirements will only exacerbate the situation. This leaves maritime operations ripe for a cyber-attack, exposed commercially, as well as in breach of new regulations.
And insurance coverage for cybersecurity losses is very low. Up to 92% of cyber-attack related costs today are uninsured, and the access and limits of coverage are often restricted. This leaves maritime organizations exposed to potentially massive, unforeseen financial costs.
The maritime industry faces many new challenges in a digitalized and rapidly changing regulatory world. Now more than ever, new approaches and ways of working are required to protect maritime organizations, as well as helping them to thrive, stimulate growth, and seize the opportunities that change brings.
There is now a fundamental requirement for ship owners and managers to implement a complete cybersecurity solution that not only ensures compliance but utilizes advanced technology to provide the necessary ongoing protection.