Maritime Cyber Security and Real-World Impact of Cyber Attacks

From the Reuters article at the bottom of this post, the most significant quote from the Cape Town Harbour Carriers Association - "Please note that the port operating systems have been cyber-attacked and there will be no movement of cargo until the system is restored."

The criticality of cybersecurity for the maritime industry continues to grow as port systems further improve innovation, efficiency, and connected shipping operations. 

Cyber events and attacks are almost immediately translating into real-world shipping delays and business interruption for those in the shipping industry, but also financial and even physical harm to those waiting on foods, medicine, or other materials further down the supply chain.

There are many things that executives can do today to improve our security globally in the industry:

• Implement multi-factor authentication
• Ensure incident response plans (incl. BC/DR) are up to date, have playbooks for common threats, conduct tabletops
• Educate employees on common attacks / phishing, etc.
• Encourage employees to maintain unique, complex passwords for login
• Keep systems patched / up to date – get rid of older ones
• Improve endpoint protections and configure properly
• Segment networks and data to avoid incidents spreading
• Have the insurance and risk transfer discussions needed
• Tabletop exercises to game out if the unthinkable happens
• Pre-arrange your third-party incident response team 

Besides working directly with many companies in the industry on the above list and conducting executive table tops, penetration testing for ports, the strategies for insurance, and cyber incident response, here are some recent public-facing collaborations with executives leaders across the maritime industry working diligently to improve the security of their ports, companies and supply chains.

Cyber Security on Land and at Sea - Special Issues for the Marine Claims Industry

• https://www.linkedin.com/pulse/cyber-security-land-sea-special-issues-marine-claims-bryan-hurd/

"Level I.T. Up! Executive Leadership and Maritime Cyber Security" March 2021

• Thank you to Infragard Los Angeles and the team at Cyber Threats and Defense in a Maritime & Intermodal World - National Symposium for hosting my presentation where we talked with executives on ransomware, IT security strategies, cyber insurance, and incident/breach response in the maritime industry.

For the article on the recent event in Cape Town

Cyber attack disrupts major South African port operations | Reuters

Written by Bryan Hurd

A seasoned cybercrime, computer security and homeland security professional with over 20 years of founding programs that make the lives of people across the globe better. Accomplished organizational spokesperson, public speaker and advisor to CxO level and national level executives.

I am seeking opportunities where my strategic expertise can be applied to solve overwhelmingly complex problems and have a lasting positive impact on the lives of others.

In my career to date, have been honored to work collaboratively and share my journey with some of the world’s smartest teams to protect the lives and livelihoods of millions. Organizations with a mission to make lives and communities better are especially of interest to me, as they align with my core values and a deep sense of service to others.

My ability to apply very positive and transparent leadership to direct teams of investigators, developers, data scientists, data visualization experts, and other professionals was core to success and well-being of the team.

We worked very hard, created innovative solutions that last, and had a great deal of fun doing it.

Highlights:

o First Ever Director of Intelligence / Advanced Analytics, Microsoft Cybercrime Center (2013-2015)

o Chief of Operations, Directorate of Terrorist Identities, National Counterterrorism Center (2012)

o Founder and Chief, Identity Initiatives and Innovation, NCTC (2011)

o Enterprise Knowledge Architecture and Innovation Lead for DoD Terrorism Center (2003-2010)

o Founded the DDK Intelligence Services Business Unit (2006)

o Founded EDS Global Computer Forensics Business Unit (2000)

o Designed & Managed NCIS Computer Investigations & Ops Analysis Center (1998-2000)

o Created the first Information Warfare Cell at U.S. European Command (1996)

o Founder of US Navy’s first ever Cyber Counterintelligence Program (1995)

o Anti-Terrorism Center Watch Officer (Board Certified) (1993)

Edited by Jimei Shen, Ryan Cunningham & Jay Devon