Don’t forget to check out part one of our supply chain cybersecurity series on positioning your organization appropriately to deal with the challenges and part two on focusing your cybersecurity efforts.
We live in an age of uncertainty and rapid technological advancement. For those involved in the development of new technology and innovation, opportunities have seldom been greater. But, like the proverbial afterglow of the science fiction spaceships leaping into hyperspace, behind every innovation is an industry that needs to respond to that innovation. The opportunities and risks innovation presents must be managed, and ultimately the decisions on how to use it must be made.
We see this in what has been termed the Maritime Autonomous Surface Ship (MASS). Imagine container ships, some larger than apartments buildings, running without crews or being remotely piloted from across the sea. This is not science fiction anymore. It is a scientific fact—the International Maritime Organization (IMO), the world’s oversight body for safe shipping, is looking at the issue as we speak. The Maritime Safety Committee (MSC), formed out of SOLAS which itself was a response to the sinking of the Titanic, has started the work to build a regulatory framework to guide the industry’s innovation.
For those involved in the shipping industry, this is where you need specialized problem solvers. Whether it is looking at how to interpret and implement the International Association of Classification Society’s (IACS) Recommendation 166 with respect to cybersecurity for safety significant equipment or ensuring that the overall cybersecurity of the system consisting of ship operations, direction, and support meets reasonable expectations, you need problem-solvers and people who are used to the innovative space.
This is where you need to step beyond the traditional ‘checklist’ approach to security. These people, while well-intentioned, may not be well-equipped to handle the innovative space. At the same time, you don’t want to lose the traceability to what is considered sound practices as you will likely be challenged at some point to demonstrate that your innovation isn’t posing an unacceptable or unforeseeable risk.
Cybersecurity for the maritime industry is complex
Not only does it involve significant innovation and large-scale applications of technology, but it also operates in a complex set of regulatory regimes and across what may be called contested or difficult environments. As it navigates through these complex environments, it is constrained by tight margins and narrow windows of opportunity. Delivering people and goods so that they arrive at their intended destination on time, in good condition, and for a reasonable cost is rarely a simple task.
The IMO MSC 104 has agreed to develop a goal-based instrument for MASS with a target completion year of 2025. The International Association of Classification Societies, a body that focuses on “safe ships and clean seas” and that provides technical support to maritime safety and regulation, has already published recommendations that touch upon this space.
The time is now to understand what is coming into the maritime industry. The tides are turning within the industry, and we know that fighting the tide is an effort in folly. Fools sit their thrones in it and order the sea to stop. Wiser leaders look to the moon to strategize around overcoming challenges and capitalizing on opportunities. After all, the tides are nothing if not predictable. The time to spin up your capability to understand these challenges and identify new opportunities is now, and we’re here to help.
Mariner Security Solutions Team