The European Network and Information Security Agency (ENISA) has recently published its first ever report on cyber security challenges facing the EU Maritime Sector. The report, which is meant to highlight essential key insights and existing initiatives, serves as a baseline for the growing cyber-security threats facing all industry sectors and provides high-level recommendations for addressing these risks.
Perhaps unsurprisingly, the report found that the overall awareness and preparedness of EU member states for maritime specific cyber-attacks is currently low to non-existent; an alarming find considering 90% of the EU’s external trade and more than 40% of the internal trade take place via maritime routes.
While ENISA admits that ensuring adequate maritime cyber security and protection of ICT (information and communications technology) systems is a major challenge that is in no way limited to the maritime sector, more can be done.
First, ENISA recommends EU Member States undertake targeted maritime sector awareness campaigns (see gCaptain Advertising) and cyber security training for shipping companies, port authorities and so on. On the other hand, policy makers need to prioritize cyber security aspects as they would (or do) with physical security and safety aspects facing the maritime industry.
Given the reports findings, ENISA strongly recommends a holistic, risk-based approach that includes assessment of maritime-specific cyber risks, as well as identification of all critical assets within this sector.
“This report positions maritime cyber security as a logical and crucial next step in the global protection efforts of ICT infrastructure,” said Executive Director of ENISA, Professor Udo Helmbrecht.
It will be interesting to see how the industry reacts to the findings and how, or if, the recommendations will be implemented.
The full report can be downloaded HERE