Story image

Singapore committed to shaping the future of a cyber-smart maritime industry

07 May 18

The Maritime and Port Authority of Singapore (MPA) and the Singapore Shipping Association say they are committed to promoting greater awareness and knowledge sharing about cyber threats affecting those in the maritime industry.

In April the two firms presented a seminar that analysed the latest developments in the threat landscape, and how the industry can build stronger defences against current and emerging cyber risks.

"Cybersecurity today has vaulted to the forefront as a key challenge that the maritime industry must take seriously and view as a business priority," commented MPA chairman Niam Chiang Meng at the event.

“We need to move beyond awareness towards action. This means investing in necessary measures, be it system enhancements, process changes or people development to be cyber resilient,” said Niam.

CSA Singapore chief David Koh spoke on building cyber resilience in the maritime industry, and ten other speakers also addressed challenges ranging from managing shipboard cybersecurity to tools that can address cyber threats.

MPA says it is working on a range of initiatives to protect the maritime industry.

MPA says it will launch a 24/7 Maritime Cybersecurity Operation Centre by Q3 2017 to deal with maritime cybersecurity and critical information infrastructures.

The centre will focus on early detection, monitoring, analysis, and response to potential cyber attacks.

Niam also explained that MPA is developing a Maritime Cybersecurity Research programme with the help of Singapore Maritime Institute and Institute of Higher Learning partners.

The programme will focus on the protection of maritime cyber-physical systems, such as smart power grids, autonomous vehicle systems, process control and robotics, and automatic pilot avionics.

MPA is also working with Singapore Polytechnic to develop a cybersecurity awareness course for ship officers, managers, and shipping company superintendents so that they can gain more knowledge about managing cyber risks.

MPA works with other ports around the globe through a multilateral alliance called chainPort, which helped to alert MPA about the WannaCry and NotPetya attacks that happened last year.

“The advance warnings gave us a few hours of lead time to alert our key stakeholders to heighten their cybersecurity posture and to take necessary mitigation measures to contain the attacks. This highlights our need to create a network of international community for sharing information, security tools and solutions in countering cybersecurity threats,” he said.

Niam says that MPA has also formed a Port Authorities Roundtable Cyber Security Correspondence Group that enables information sharing for early cyber risk detection.

MPA will also work with the Singapore Shipping Association to establish the Singapore Maritime Focal Point Correspondence Group on Cybersecurity.

"Digitalisation is here, and you'd better embrace it. Cybersecurity today is a key challenge that the maritime industry must sake seriously and view as a business priority. We need to move beyond awareness towards action," Niam said.

“This means investing in necessary measures — be it system enhancements, process changes or people development to be cyber resilient. We also need to be smart and protect the core systems, distinguishing them from the less important ones for cost efficiency.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.