“Take the time to prepare and focus on prevention” was the message from the panellists in our webinar on cyber attacks in the shipping industry last week. Mark Johnson, Counsel in our shipping group, led a discussion with John Boles, Director of Navigant, Griff James, Director of DAMROD and Philip Thomas, Counsel in our IP, Tech & Data team.
John Boles emphasised the importance of “identifying your crown jewels” to ensure that resources are allocated to protecting your most essential assets. Once you have identified the ‘crown jewels’ it is equally important to identify the flow of data to and from these systems, according to Griff James, as it is these access points in and out of the system that are the weak points which could enable someone with malicious intent to enter the system.
The maritime industry is well versed in running drills and providing training: the addition of cyber training should be a key focus of shipping companies and their insurers going forward. “Embed cyber awareness into your company”, advises Philip Thomas: you need to ensure not only that the right policies are in place, but also that there is sufficient ‘buy-in’ for them at all levels of the company and a proper governance framework to ensure they are followed.
It is clear that, as the industry continues to embrace technology and with the data protection landscape about to become a lot more punitive, cyber security will remain a vital aspect of any risk management plan.
Source: Reed Smith