Inmarsat offers risk assessment for cyber security industry working group

30 May 2017: Inmarsat is giving its full backing to a new Joint Working Group (JWG) formed by the International Association of Classification Societies (IACS) to develop a coordinated position on cybercrime and its prevention.

One of the maritime industry’s leading commercial satellite service providers said that stakeholder unity was critical in meeting the unpredictability of the cyber security threat to shipping.

IACS sees the JWG approach as key to driving pan-industry technical or policy initiatives forward where the issue identified affects not only IACS Members but other parts of the industry.

Cyber threats

Inmarsat is a founding member of the group, which is being led by George Reilly of ABS and has been charged with evaluating measures to develop standardised industry practices to oppose maritime cyber threats.

“The primary aim is to provide a forum for active communication among industry groups that have an interest in the production, use and operation of cyber systems,” says Mr Reilly. “That includes a common understanding and sense of the technology as it develops, and direction and strategy for effectively managing cyber systems.

“The JWG can also assist in developing, reviewing or refining standards, operating procedures and best practices.”

Protecting shipping

Peter Broadhurst, Senior Vice President Safety and Security, Inmarsat Maritime, commented: “There have been some very valuable initiatives on cyber-crime awareness and prevention, but the maritime industry needs to move beyond a fragmented response.

Inmarsat is committed to protecting the shipping industry from both the technical and operational point of view, which demands joined up thinking against criminals whose points of attack can be so unpredictable as to sometimes seem random.

“Inmarsat is putting the most extensive connectivity framework available at the JWG’s disposal. The aim is not for identical standards to be developed everywhere, but for consistency of approach in risk management.”

Industry-wide participation

Inmarsat will launch its own Unified Threat Management cyber security solution for maritime customers later this year, but Mr Broadhurst emphasised that the cyber security working group was neutral in terms of commercial interests. Its aim was to attract industry-wide participation to encourage shipping to speak with a coherent voice on cyber security.

The group recognised the value of conducting a risk assessment workshop and assistance was offered by Inmarsat who retained Professor Paul Dorey of Chief Security Officer Confidential and Visiting Professor in Information Security, Royal Holloway College as group facilitator to ensure impartiality.

Professor Dorey has more than 25 years’ management experience in information security, and offers insight on the digital security of process control systems.

“Cyber security investment needs to be appropriate to the risk, as nobody has the luxury of bottomless digital budgets,” said Professor Dorey. “The more we digitise, the more interesting the systems become to cyber attackers and the more significant the potential impact could be when they do attack.”