Maritime Cyber Security Summit

• What level of maturity is needed in cyber preparedness and incident response?
• Taking a fresh look at the sector’s unique vulnerabilities and crisis management challenges
• Moving towards a common situation awareness requirement for the maritime sector
• The increasing importance of cyber resilience in today’s threat landscape
• Constant review and testing of cyber defence capabilities
• The importance of having reliable disaster recovery systems in place

• Where are we in terms of a baseline and maturity levels?
• Are we learning from other sectors? If so which?
• Are we seeing a progression in public and private information sharing?
• How can we better manage risk connecting with foreign port and shipping infrastructure?
• What does the landscape truly look like from an insider view? 
• How many years could this take and what methods of best practice can we implement to move things along?

The Port of Antwerp came under sustained cyber attack in 2011-2012 from an organised crime group who infiltrated tracking systems to gain access to container security and location details. This presentation will look at how the attack prompted the development of more robust integrated security systems.

• The ever-growing importance of cyber preparedness 
• Internal collaboration for joined-up detection and response systems 
• Real time response and information sharing 
• The relationship between physical and cyber 

As one of the key critical infrastructures in Europe, ports are vulnerable to the threat of physical attack, a deliberate disruption of critical automation systems or a combined attack, with potentially devastating and far reaching consequences. The SAURON project proposes an holistic situation awareness concept as an integrated, scalable and yet installation-specific solution for protecting EU ports and their surroundings.

• Reducing vulnerabilities and increasing the systematic resilience of EU ports in the face of physical, cyber or combined threat
• Ensuring an adequate level of physical and cyber security for EU ports
• Limiting detrimental effects of any combined attack on society, civilians
• H2020 Prevention, detection, response and mitigation from threats to the critical infrastructure of Europe
• Combining advanced physical SA features with the newest techniques in prevention, detection and mitigation of cyber threat
• Developing a hybrid HSA application to project the cascading effect of detected combined threats

• What barriers are there to achieving closer coordination in addressing physical and cyber security?
• Do these two divisions speak the same language?
• How can we better align training to focus on the integration of and nexus with cyber security and physical risk?
• Embedding cybersecurity awareness across all operations
• Building a broader enterprise system to address cybersecurity
• Developing a thorough understanding of where cyber threats pose a physical threat to critical infrastructure across the whole maritime supply chain

The NIS Directive is a key piece of EU cybersecurity legislation that should be transposed into National Law by EU MS by May 2018 and will include cybersecurity provisions (baseline security measures & incident reporting) for Operators of Essential Services, with Water Transport being identified as a sector of essential services

• Situational analysis of Cybersecurity in Water Transport
• The NIS Directive and what it means for the maritime sector
• NIS Directive implementation roadmap and related activities

• The EU Directive on security of network and information systems (NIS Directive) has to be implemented by 9 may 2018, and the General Data Protection Regulation (GDPR) by 25 May 2018.
• IMO has adopted RESOLUTION MSC.428(98) (adopted on 16 June 2017) on MARITIME CYBER RISK MANAGEMENT IN SAFETY MANAGEMENT SYSTEMS and the MSC-FAL.1/Circ.3 of 5 July 2017 on GUIDELINES ON MARITIME CYBER RISK MANAGEMENT
• The presentation will try to provide an overview of these pieces of legislation interact and provide a flag- and port state perspective on what is expected to be done by the shipowner/operator.

- Many in the maritime sector are developing coherent cyber policies, a smaller number audit and monitor them to ensure they are applied. However, all aspects of maritime domain depend increasingly on mass market applications and many companies rely on suppliers that do not deal with safety or security critical systems. As a consequence vulnerabilities are inherited from other organisations.
This talk presents techniques for assessing and then improving supply chain cyber security in the maritime sector.

• Taking ownership of cybersecurity
• Managing navigation and communication systems onboard 
• The challenges of managing a fleet of ships with varying hardware and software
• Managing complexity created by expectations from coastguard, IMO, BIMCO

• What is the difference between standards and guidelines?
• What combination of certifications, industry standards and official standards will present the best options for the sector?
• How can operators steer a course that meets their specific needs?

To Sponsor drinks call or email us 
+ 44 (0)207 096 1754 
marketing@cybersenate.com

As the number of internet connected devices grows, the attack surface and number of devices that can be leveraged to launch attacks continues to expand too. If it can be programmed, it can be hacked. This daunting reality facing our interconnected and digital environments has been described as a battle to be won every day by cyber security professionals. When you combine this with easy access to offensive cyber capabilities, such as ransomware or DDoS, it has allowed cyber criminals to have an impact disproportionate to their technical know-how and skill level. 

• how has the threat landscape changed, and what can we do about it? 
• How can we better manage attack complexity? 
• Are we getting any better at validating an attack and containing it? 
• Are we implementing controls quick enough?
• How can we stay ahead of emerging threats?
• Attacker Playbooks 
• How behavioural analysis/ anomaly detection enables early threat identification 
• Real world deployment scenarios

With GPS so deeply engrained into our systems and infrastructure that it has earned the nickname “the blind utility,” it is easy to forget that GPS systems are vulnerable to attack. GPS systems can be hacked without ships or control towers even realising to potentially catastrophic effect. Using real examples this session will give the audience a masterclass in GPS spoofing, the threat it poses to the sector and how to combat it.

Several maritime shipping companies have notoriously been in the news recently following up cyber attacks that have severely compromised their operations and brand reputation. How could such attacks be so successful and effective? In this talk we will share some of the experience we gathered first-hand when performing maritime security assessments and through our research. We will drive parallels with the security approach of related industries, and we will analyse the reasons and leverages that affect the security posture of maritime transportation.

With dependency on 3rd party services for satellite communications and navigation, shipping can often only engage indirectly with cyber security issues. This panel will look at whether cyber defence can be better integrated in service level agreements, what can be done to mitigate 3rd party risk and how we deal with the new threat brought about by increased reliance on connected devices.

• How well have vendors come along in making security a core part of product development and support?
• How are they coming along in developing vulnerability response and patch delivery to users? 
• What challenges are you experiencing if any in developing end to-end assurance in your own supply chains?
• Are vendors and integrators well integrated in managing the software assurance issue on behalf of asset owners? 
• Do we have a 360-degree view of our assets and how are the C level responding to new threats brought about by IOT in the supply chain?

Details to be announced shortly

Since transitioning to the Internet of Things in 2015, Angelicoussis Group has developed mechanisms to send, receive and analyse data from vessel to office and vice versa. To support this system, we have enabled the e-SMS and e-Forms platform that can send files and documents from the office to the vessel and vice versa. Moreover, we can create applications for exchanging data with a vessel and can be potentially used to minimize work onboard. Furthermore, we gather raw data every few seconds from onboard sensors and we analyse them to provide our users with decision-making and prediction tools. 

• How the increase in mobile devices and the continued movement towards the web-based platform model is leading to greater vulnerability
• The diminishing value of firewalls and antivirus suites for network and application security
• How the IoT has created new cybersecurity requirements and the needs for extensive risk planning to identify the best approach

• Understanding the extent to which people, process and technology really are disconnected when it comes to cyber security
• The importance of board-level involvement in transforming the use of information and operational technology at sea
• Why developing a bottom-up culture of awareness with support from the top is key to maintaining cyber hygiene and fighting cyber crime
• Understanding the threat landscape and communicating effectively at all levels of the business

Cybersecurity risk management and planning varies from company to company, from industry to industry. In the shipping industry, with the use of big data and the tendency towards IoT, a company can gain strategic advantage in terms of operational activities leading to an increase in security requirements. Although data circulates under, the 3-point perspective ensuring the confidentiality, availability, and integrity of information systems the fact that there is an increasing demand and production of mobile devices and web platforms stretches the cybersecurity to proactive planning instead of the traditional reactive actions. As a result, there is a growing pursuit for automated systems and sophisticated algorithms to pre-empt threats.
While the increasing demand for security countermeasures is pushing platforms and applications to adapt, cybersecurity risk planning expands beyond IT boundaries and has direct impact to the financial services of a company. Therefore, it should be treated as any other risk managed from an organization. 
We will discuss a roadmap for cybersecurity planning and how risk management can be divided into layers. Furthermore, we will examine possible systems that can adapt in different industries leading to decision making strategies.

Cyber risk has become a leading issue for many organizations as awareness of technology related risks and cybercrime has grown and recently been amplified by reported incidents and publication of industry guidelines on cyber security. As technology continues to develop, information technology (IT) and operational technology (OT) are increasingly being networked together. The operational, safety, and security consequences for the Maritime Industry of these developments and not being prepared for a cyber incident may be significant.
 

• Why should organizations in Maritime Industry be concerned about their cyber

risk exposure?

• What are unique risks to the Marine Industry?
• Why are standard insurance policies not enough?
• How do organizations manage cyber risk – and effectively transfer residual

risk?

Most Insurance policies do not cover physical damage to ships caused by hacking attacks or navigation system interference, and a significant gap in cover has emerged. This panel discussion is an opportunity for insurers, reinsurers, ship operators and port operators to sit down together and consider cyber cover in detail and set out an action plan to address these risks

• How scarcity of data is an obstacle to mitigating risk
• Can the industry work out a way to solve the information gap?
• Is the answer developing an anonymous reporting platform?
• What will insurers and reinsurers need to see from ship and port operators
• What will the implementation of the NIS directive do to help solve the problem?

THE THREAT IS GROWING, THE MARITIME SECTOR IS NOT PREPARED
The Cyber threat is growing in shipping and ports. It is a major concern for Insurers (clause 380) as they do not know how to evaluate risk. When a Major attack occurs like Maersk with Non Petya Malware it sucks up 75% of the worlds MAritime Cyber capacity to correct and re-establish the systems. Had it affected 2 companies of a similar scale, and due to the interconnectedness of networks and systems in the Maritime transport field,   the whole maritime sector would have been brought down with out enough capacity being there to rebuild.

HOW WE CAN ALL WORK DISRUPT THE CRIMINAL BUSINESS MODEL
One problem to slowing down  the propagation rate of such attacks is getting timely alerts. This depends on cooperation between all players and competitors ( like in the Aircraft industry) to quickly report incidents.
Due to the sensitivity of such things and the international nature of the crime ( and of course the MAritime sector) a national reporting system is useless.

NEED FOR FASTER ALERTS , ANONYMOUS INTERNATIONAL  INCIDENT REPORTING
Lastly to get good data/threat intelligence  requires people reporting incidents so trends can be analyzed, threats levels established Alerts given etc. However people and companies are reluctant to report cyber incidents  out of fear of reprisals and reputation loss etc. So an Anonymous international maritime cyber incident reporting system is critical to get the criminal footprint, calculate risk and be able to set cyber insurance rates appropriately while at the same time being able to Alert people when a new threat appears and which provides tools to reduce risk. It is a collective effort by the industry. This is what CSO Alliance is offering the Maritime Cyber Alliance which is powered by the Airbus Cyber division consisitng of over 650 FTE who protect their supply chain, 130,000 employees and thousands of fly by wire planes.

We want as many vetted people and companies  as possible to join, including competitors.

AN INDUSTRY SUPPORTED VOLUNTARY PRIVATE SYSTEM FOR COLLECTIVE ACTION WITH TOOLS AND INFORMATION
We are already supported by IMO, Marshall Islands Flag, DNV-GL class , DKN war risk, North P&I  and are connected to the French UK and several other Navies and coastguards, Nato,  EU Navfor and many others.
To succeed this This must be an industry wide initiative.

We can only fight back against Cyber criminals collectively,  as no government can match the resources of these criminals who made over 50 Billion Euro with little to no risk  last year.

In short - Security through Community .
 

This presentation will look at how poor security on satcom systems, together with open source intelligence (OSINT), can be used to carry out targeted attacks. It will include:

• Live hacking demonstration of how to identify satcom systems and exploit poor security
• How ships can be detected, identified by name and tracked in real-time
• Details on what a hacker can do break into all ships systems, not just satcoms
• The potential compromise this could lead to regarding ship comms and control systems
• Detail on how crew members laptops can be compromised from social media data, and used to aid attacks against ship systems and devices