The U.S. maritime industry as a whole is not prepared to respond to today’s cyber threats, putting it at severe risk of being targeted, according to a new maritime cyber security survey of key maritime stakeholders.
The survey, described as a first of it’s kind in the U.S., was conducted by the maritime practice of the law firm Jones Walker, LLP. It reflects the responses of 126 senior executives, chief information and technology officers, non-executive security and compliance leaders, and key managers from U.S. maritime companies.
The results of the survey, announced at the Marine Technology Society and IEEE Oceanic Engineering Society’s prestigious OCEANS conference, confirm that rapidly evolving technologies deployed throughout the U.S. maritime industry as way of increasing efficiency and competitiveness also present significant cybersecurity risks, which the industry as a whole is unprepared to shoulder.
According to the results, nearly 80% of large U.S. maritime industry companies (of more than 400 employees), and 38% of all industry respondents reported that cyber attackers targeted their companies within the past year. 10% of survey respondents reported that the data breach was successful, while 28% reported a thwarted attempt.
The survey also found that there is a false sense of preparedness in the U.S. maritime industry. While 69% of respondents expressed confidence in the maritime industry’s overall cybersecurity readiness, only 64% indicated that their own companies are unprepared to handle the far-reaching business, financial, regulatory, and public relations consequences of a data breach.
“The U.S. maritime industry is sailing too close to the wind when it comes to cybersecurity,” said Andrew Lee, Partner and Co-Chair of the Data Privacy Group at Jones Walker and Co-Author of the Maritime Cybersecurity Survey White Paper. “While industry stakeholders are educated and aware of the severe implications of a cyber attack, in many respects they are unprepared for the severe fallout from a major cyber attack.”
In terms of company size, small and mid-size companies were found to be far less prepared than larger companies to respond to a cybersecurity breach. While 100% of respondents from large organizations indicated they are prepared to prevent a data breach, only 6% of small company (1 to 49 employees) respondents and 19% of mid-size company (50 to 400 employees) respondents indicated preparedness.
“The survey strongly illustrates that industry preparedness is dependent on two factors: company size and recent experience as a cyber attack target,” commented Hansford Wogan, an attorney at Jones Walker and co-author of the Survey White Paper. “There are enormous risks to the industry as a whole. Yet, the survey indicates that only the larger U.S. maritime industry companies seem to have this threat on their radar, while the smaller and mid-sized companies are mostly unprepared.”
To download the full cyber security white paper, visit the Jones Walker LLP Maritime Cybersecurity Survey website.