CRIBB Cyber Security is the cyber security arm of TheICEway, our ecosystem of companies that also counts ICE Technology Services and eTestware amongst its numbers.
Just recently we revealed that CRIBB Cyber Security had launched a new solution aimed at helping those in maritime achieve and exceed the required levels of cyber security compliance.
An increase in both on- and off-shore cyber-attacks combined with a lack of frameworks and guidance in place to cover cyber security issues within maritime gave us here at ICE Technology Services no doubts as to one of the key areas we needed to turn our attention towards this year.
With more than 20 years’ experience in cruise and travel, ICE Technology Services has helped a wide variety of different clients over that time and are always looking to innovate and take a proactive stance, whether that be with consultancy or managed services, or with our offering via theICEway: development, testing, future technologies (AI / VR) or cyber security .
theICEway enables us to provide expert, professional guidance in all of those areas listed and more, but we do understand and appreciate that whilst some clients need assistance and help across the board, others need us to be more targeted with them in our combined efforts.
Which brings us back to cruise and cargo, and more specifically, the increase in cyber security awareness that has been facilitated in recent years in the wake of increased email phishing and malware intrusion attempts amongst a great many other types of attack.
Indeed, as recently as May of this year the US Coast Guard issued a safety bulletin urging higher vigilance against “cyber adversaries”. BIMCO, the largest of the international shipping associations representing ship owners, have also been well aware of the growth in danger, themselves being the co-authors of 2016’s “Industry Guidelines on cyber security onboard ships” initiative in association with CLIA, for which theICEWay is the current chair of the CTI. This is a specific group established within CLIA for when Cruise Line Executives and Technical CLIA Executive partners are setting IT strategy for the Cruise industry.
BIMCO’s very active role at the International Maritime Organisation (IMO) this year has led to a number of figures within maritime now looking to put cyber security at the forefront of their plans.
The Guidelines set out some very clear areas of focus that those in the shipping industry should aim to embrace in the pursuit of combatting cyber-attacks and threats, including:
- Training for all staff
- Adapting Safety Management Systems to incorporate cyber risk management, with Cyber risk management processes to be constantly evaluated
- Policies, business and technological approaches designed to manage the risks should all be in alignment
The CMCA solution was designed to provide companies with a framework that would enable the implementation of the guidelines based upon the ISO27001 security standard and on UK government-backed Cyber Essentials framework and tools.
The ultimate goal is to combine the solution itself with the expertise offered by CRIBB and ICE Technology Services so that clients can effectively have the best of both worlds. Those turning to us and CMCA will benefit in numerous ways:
- All of their employees will have been informed of all changes, with their roles moving forward clearly defined and the relevant training provided
- They will have a defined policy for data protection and have identified that data is being processed on a lawful basis
- They will have implemented robust procedures for data subject access requests
All that and so much more…
Surely the perfect time to take positive action with regard to cyber security is now? CRIBB Cyber Security’s Technical Director / Certification Auditor / International DPO, Patrick Carolan, certainly thinks so:
“The impact of technology on our day-to-day lives is something that is ever-growing. Gone are the days where you needed a degree to understand how to attack a device or a piece of software. Today, malicious software and the knowledge of how to use it is rife and cyber security, although once a secondary thought, is now very much an urgent requirement particularly in the cruise and cargo industry. Unfortunately, due to a laissez-faire attitude historically and a real upturn in people targeting shipping in recent years, maritime cyber security is a very hot topic right now. “
Unfortunate, certainly, but also fortunate in one sense because these points have led to and are leading to change. Change is a necessity and ICE Technology Services along with our cyber security arm CRIBB, under theICEway ‘umbrella’, can help you achieve this change WAY AHEAD of those waiting for more updates from BIMCO and the IMO.
Whilst there are standards on the way from the shipping associations, we remain fully confident that the security framework we propose will put companies in a great position to apply the new standards when they are published, so you will certainly not be wasting any time by completing the CMCA framework now.
By contacting us now you can take huge steps forward towards not only achieving the minimum level of compliance but going further than that, with our unique CMCA solution.
CMCA – A step in the right direction TODAY
CRIBB Maritime Cyber Assurance is recognised by the IASME Consortium and offers an affordable alternative to ISO27001. This unique solution is designed to allow clients to increase their levels of protection and improve their defences. CMCA assesses data protection readiness so that as high a level of compliance as possible can be achieved, ultimately allowing for higher profit margins as business processes are improved upon and efficiencies are maximised.
We have already seen how maritime is a particularly vulnerable area that is being targeted with a greater degree of frequency, and that is precisely why we have taken the necessary steps to tailor a solution specifically for cruise and cargo – also bearing in mind the fact that there are currently no straightforward solutions available – and it is not hard to see why clients are already turning to us for help.
For more information on the CMCA solution click here…
Glossary
AI / VR – Artificial Intelligence & Virtual Reality
BIMCO – Baltic and International Maritime Council
CMCA – CRIBB MARITIME CYBER ASSURANCE
CRIBB – CRIBB Cyber Security
IASME – IASME Governance, an Information Assurance standard, is designed to help improve the cyber security of SMEs (Small and medium-sized enterprises)
ISO27001 – The international standard designed to help organisations manage their information security processes in line with international best practice. Also helping to optimising costs, it provides the specification for an information security management system (ISMS).
TheICEway – An ecosystem of companies comprising of:
- ICE Technology Services (Managed Services & Consultancy)
- CRIBB Cyber Security (as above)
- eTestware
- AI / VR Labs
- ICE Rapid Development
Leave a Comment