Mr. Fan Zhang is the Cyber Security Business Manager for Lloyd’s Register for the Asia Pacific Region, he is responsible for growing Lloyd’s Register’s cyber security operation in the Asian market and has worked in roles that focus on bringing cyber security into the emerging market such as the marine and offshore industry, with service offerings including assurance testings, information security consulting and managed security services. He pointed out that Cyber security is a new battlefield for the shipping industry in 2019 International Ship Management and Technology Forum on 4th Dec.

 

Mr. Fan quoted from Maersk Chairman - Jim Hagemann Snabe that “the impact of “NotPetya” is that we basically found that we had to reinstall an entire infrastructure… we had to install 4,000 new servers, 45,000 new PCs, 2,500 applications.” He said NotPetya Malware total global losses could be $2.5 - $3bn.

 

Having spoken to more than a hundred shipping companies on cyber security, Mr. Fan shared that many players in the shipping community are at a stage of complete unreadiness or partial readiness when it comes to cyber security, because those organizations could not see the return on investment (ROI) on cyber. However, the potential cost of inaction is very high. The marine industry needs to approach cyber security in the same way it treats safety & environmental issues. 

 

“Infamous cyber-attacks proliferate in 2019, cyber-attack to marine and offshore companies like James Fisher, PEMEX, and Norsk Hydro are all cases where hacking groups getting access to the corporate network and endpoint to different degrees. There are also global APT groups who target the maritime industry especially those involved in maritime technologies. VSAT connectivity, smart ships, intelligent operations and remote control all increase threat and risk levels on our most critical assets.” 

 

“Obviously regulators such as IMO, the flag states, OCIMF and rightship play an important role in driving cyber initiatives in the maritime industry”, Mr Fan said, “however, we need to ensure that the regulators, owners and operator do not only look at it as a paper-exercise. In the past..in fact in the present day too, many companies still view cyber security is an pure IT issue, and the IT team only focuses on the perimeter defense. There is absolutely no accountability from the senior management and the members of the board. This has to change, right now.” 

 

The latest study conducted by Ponemon Institute and reported by IBM security put the data breach lifecycle across all industries at a staggering 279 days, which means that it takes on average 279 days for a company to recover from the incident from the time they were first breached, and this is way too long. The industry needs raise the awareness on cyber threats, adopts a risk-based methodology to protect their critical assets, and greatly cut down the amount of time spend on detection and response to a cyber-attack.

Please Contact Us at：

admin@xindemarine.com