{"id":19039,"date":"2025-10-23T20:03:15","date_gmt":"2025-10-23T20:03:15","guid":{"rendered":"https:\/\/krogragg.com\/?p=19039"},"modified":"2025-10-23T20:03:15","modified_gmt":"2025-10-23T20:03:15","slug":"role-based-training-a-priority-to-combat-maritime-cyber-risks","status":"publish","type":"post","link":"https:\/\/krogragg.com\/?p=19039","title":{"rendered":"Role-based training a priority to combat maritime cyber risks"},"content":{"rendered":"<p>Role-based training a priority to combat maritime cyber risks<\/p>\n<div>\n<p>Maritime operations run on tight schedules and thin margins, and as ships, terminals and supply chains connect systems for visibility and efficiency, attackers gain paths to entry. Cyber risk has become an operational reliability and safety concern, not just an IT issue.<\/p>\n<p>\u201cWhether we are looking at this challenge through an operational or organizational safety lens, cyber risk is a critical business risk. An incident will impact everyone,\u201d says <a href=\"https:\/\/www.marinelog.com\/views\/op-eds\/op-ed-rising-to-uscgs-new-maritime-security-directive\/\">Michael DeVolld,<\/a> senior director of maritime cybersecurity at ABS Consulting.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-primary-threat-ransomware\">Primary threat: ransomware<\/h4>\n<p>\u201cWhile it\u2019s true that digital ships feature more sophisticated and secure technologies, the cyber risk has not changed: ransomware continues to pose a major threat,\u201d explains DeVolld. 
He describes ransomware as taking down an organization\u2019s computer systems, impacting its entire operational and financial networks, until a ransom is paid, pointing to recent disruptions across busy ports in North America, Australia, Europe and Japan.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-the-expanding-attack-surface\">The expanding attack surface<\/h4>\n<p>According to DeVolld, the push to integrate IT and operational technology (OT) for analytics and predictive maintenance has expanded the attack surface. With the industry increasingly reliant on digital systems, he warned, \u201cthere\u2019s an increased risk of external cyber threats.\u201d<\/p>\n<p>Foundational controls still close the biggest gaps, says DeVolld, adding that patching and updating software, limiting network access and implementing multi-factor authentication are foundational cybersecurity measures that would go a long way toward safeguarding systems.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-underreporting-and-the-new-u-s-coast-guard-rules\">Underreporting and the new U.S. Coast Guard rules<\/h4>\n<p>Citing observations from the U.S. Coast Guard (USCG), DeVolld notes that while the number of reported ransomware attacks is down, the cost is up. The operative word, he stresses, is reported.<\/p>\n<p>\u201cNot all incidents are reported, which is a key issue since regulators and the private sector need to communicate and collaborate to tackle this threat together,\u201d he says. \u201cThe goal we all share is to protect the industry as a whole, and especially to safeguard the world\u2019s largest supply chain.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-could-an-attacker-steer-a-ship\">Could an attacker steer a ship?<\/h4>\n<p>DeVolld answers that this is plausible but not likely due to the safety systems and human procedures built into commercial maritime operations. 
Even so, he cautions that modern ships tie navigation, propulsion, dynamic-positioning, ballast automation and cargo-handling into the same digital backbone that shoreside personnel can reach for analytics and remote support.<\/p>\n<p>If an attacker slipped through weak remote access or an unpatched workstation, \u201cthey could push legitimate-looking commands straight to safety-critical equipment and change a vessel\u2019s behavior in real time should all other safety and human oversight processes fail,\u201d he says.<\/p>\n<p>The answer is to treat cyber risk exactly like any other safety-of-navigation hazard, DeVolld says, by implementing International Association of Classification Societies Unified Requirements (IACS UR) E26\/E27 and International Electrotechnical Commission (IEC) 62443 controls and segmentation, enforcing multi-factor authentication on remote access, maintaining rigorous patching and continuously monitoring OT traffic.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-ports-vendors-and-the-wider-supply-chain\">Ports, vendors and the wider supply chain<\/h4>\n<p>Network-connected OT in port facilities and shore-side is being targeted, DeVolld confirms, explaining that many environments still rely on outdated software and protocols and insufficient access controls. Breaches can disrupt global trade flows, delay cargo deliveries and damage relationships with customers and partners, with consequences that \u201cextend far beyond immediate operational impacts.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-europe-s-chokepoints-multiply-impact\">Europe\u2019s chokepoints multiply impact<\/h4>\n<p>DeVolld highlights high-volume corridors where a single node outage can cascade. The English Channel and Dover Strait funnel North\u2013South Atlantic traffic. The Strait of Gibraltar is a narrow neck for Asia, the Americas and Northern Europe flows. 
Northwest gateway ports, like Rotterdam, Antwerp-Bruges and Hamburg, move a large share of containerized imports as well as refined products, liquefied natural gas (LNG) and chemicals. \u201cEven a 24-hour cyber stoppage at Rotterdam\u2019s Maasvlakte terminals would strand tens of thousands of twenty-foot equivalent units (TEU),\u201d he says.<\/p>\n<p>Each node couples dense physical traffic with complex, network-connected terminal operations, so resilience should be treated as a shared critical-infrastructure obligation, supported by OT hardening, drills and transparent information-sharing under the EU\u2019s Network and Information Systems Security Directive 2.0 (NIS2). Vessel traffic service (VTS) centers are also key dependencies in these corridors, he notes.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-regulations-are-raising-the-baseline\">Regulations are raising the baseline<\/h4>\n<p>\u201cRegulatory frameworks set a baseline and targets for where we need to go on the cybersecurity journey,\u201d says DeVolld. Objective, third-party, safety-focused organizations like ABS and its affiliated company, ABS Consulting, add to that by bringing forward standards interpretation, guidance and compliance support to:<\/p>\n<ul class=\"wp-block-list\">\n<li>Protect life, property and the environment; and<\/li>\n<li>Support the maritime community in operating safely, reliably, efficiently and in compliance with applicable regulations and standards.<\/li>\n<\/ul>\n<p>DeVolld\u2019s maritime cybersecurity team helps clients understand how to navigate global maritime regulations.<\/p>\n<p>The International Maritime Organization\u2019s (IMO) Resolution MSC.428(98) mandates cyber risk management in the Safety Management System (SMS) for cargo ships 500 gross tonnage (GT) and above. 
In the European Union (EU), NIS2 tightens incident reporting timelines and strengthens supply-chain security, requiring measures from cryptography and multi-factor authentication to incident handling and business continuity.<\/p>\n<p>In the United States, the USCG\u2019s final rule (effective July 16, 2025) establishes minimum cybersecurity requirements for US-flagged vessels, Outer Continental Shelf (OCS) facilities, and facilities regulated under the Maritime Transportation Security Act (MTSA), mandating cybersecurity plans, designated officers and structured detection, response and recovery.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-training-for-mtsa-regulated-facilities\">Training for MTSA-regulated facilities<\/h4>\n<p>To support the USCG\u2019s updated MTSA requirements, ABS Consulting offers <a href=\"https:\/\/www.abs-group.com\/Solutions\/Cybersecurity\/Maritime-Cybersecurity\/Maritime-Cybersecurity-Compliance-to-Industry-Regulations\/MTSA-Cybersecurity-Training\/\">role-based MTSA compliance training<\/a> for facility security officers, vessel security officers, operational managers and IT\/OT personnel.<\/p>\n<p>Tracks cover the current threat landscape, MTSA-aligned implementation and controls, and incident categories and reporting under 33 CFR, with practical exercises. 
Courses are available online or on site and include role-specific certificates to support audit readiness.<\/p>\n<p>The post <a href=\"https:\/\/www.marinelog.com\/news\/role-based-training-a-priority-to-combat-maritime-cyber-risks\/\">Role-based training a priority to combat maritime cyber risks<\/a> appeared first on <a href=\"https:\/\/www.marinelog.com\/\">Marine Log<\/a>.<\/p>\n<\/div>\n<p>Marine Log Staff<br \/>\n<a href=\"https:\/\/www.marinelog.com\/news\/role-based-training-a-priority-to-combat-maritime-cyber-risks\/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=role-based-training-a-priority-to-combat-maritime-cyber-risks\">Go to marinelog<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Role-based training a priority to combat maritime cyber risks Maritime operations run on tight schedules and thin margins, and as ships, terminals and supply chains connect systems for visibility and efficiency, attackers gain paths to entry. Cyber risk has become an operational reliability and safety concern, not just an IT issue. 
\u201cWhether we are looking [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1146,6766,1148,192,6767,199],"tags":[193],"class_list":["post-19039","post","type-post","status-publish","format-standard","hentry","category-abs-consulting","category-cybder-riks","category-cybersecurity","category-marinelog","category-michael-devolid","category-news","tag-marinelog"],"_links":{"self":[{"href":"https:\/\/krogragg.com\/index.php?rest_route=\/wp\/v2\/posts\/19039"}],"collection":[{"href":"https:\/\/krogragg.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/krogragg.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/krogragg.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/krogragg.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=19039"}],"version-history":[{"count":0,"href":"https:\/\/krogragg.com\/index.php?rest_route=\/wp\/v2\/posts\/19039\/revisions"}],"wp:attachment":[{"href":"https:\/\/krogragg.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=19039"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/krogragg.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=19039"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/krogragg.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=19039"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}