Maritime Cyber Risk Management Assistance Program
Maritime Cyber Risk Management Assistance Program (CAP)
As we all know, the 50,000 ships sailing the sea at any one time have joined an ever-expanding list of objects that can be hacked. Cybersecurity experts recently displayed how easy it was to break into a ship’s navigational equipment. This comes only a few years after researchers showed that they could fool the GPS of a superyacht into altering course. And most recently, Maersk, one of the largest shipping companies in the world, fell victim to malware at a cost of over $300 million in 2017. As if that wasn't enough, given all the protections that were put in place, the company was hit again in 2018. A business subsidiary of Maersk operating in Australia was hit when security analysts at Svitzer Australia discovered that the email system of the company was under the control of hackers for 10 months before the hack was discovered on March 1st of 2018.
Once upon a time objects such as cars, toasters and tugboats only did what they were originally designed to do. Today, the problem is that they all also talk to the internet. Including everything associated with Cruise Ships and the Cruise Industry.
It's no longer a question of "if," it's a question of "when", and more importantly, "did it already happen?" The focus must become more Proactive, than Reactive.
At the National Maritime Law Enforcement Academy, we are working with RiskSense, a nationally recognized leader in Cyber Risk Management by DOD, DHS, other federal and state agencies, and numerous organizations as a "best" in the world of cybersecurity (we identified them as an NMLEA “STAR” Product).
This is because of their ability to quite literally change the battlefield, by enabling customers the ability to become Proactive vs. Reactive.
RiskSense allows customers to be Proactive through the following capabilities:
Ability to provide Intelligence-Driven Risk Analytics. This is the company using human-interactive machine learning and the one that predicted the Wanna-Cry malware attack before it happened. (See the link to the DOJ Indictment of the North Korean hacker, where RiskSense is cited.)
Ability to cover a Growing Attack Surface, (managing over 1 Billion vulnerabilities per client in 2017) which is extremely relevant to the maritime domain (including the cruise industry, port authorities, shipping companies, terminal operators, etc.) as the threat surface is expanding daily with connections to the Internet of Things and the digital footprint grows exponentially.
Visual Dashboard with Cyber Risk Scores presented in an easy to understand credit score-like graphic for organization-wide prioritization and common communication (e.g. from top management to critical business operations, so managers at all levels can see what the highest priority threats and vulnerabilities are based on your business context and using unique global threat intelligence)
Ability to build to scale capabilities that can aid the smallest to the largest organizations, for as little as $12.50 per device.
Incredible Time-to-Value implementation. It can be put into place effortlessly, and work in concert with any security System of Record that may currently be in place. Most importantly, it shows immediate value to leadership and stakeholders.
The Business Case for Cyber Risk Management. Implementing a cyber risk management program is emerging as the leading investment for a number of important strategic and business reasons. Cyber risk management is a proactive, predictive and preventative approach to managing the growing scope and sophistication of cyber attacks. This does not replace what you are doing now; it makes it more organized and effective. Also called “continuous adaptive risk and trust assessment (“CARTA”) approach by Gartner, Inc., cyber risk management focuses on using data to prioritize your highest risk vulnerabilities and accelerate the remediation process. (Check out the blog on the subject or read the White Paper that lays it all out.)
Check Out the Many Ways to Find Out How Cyber Risk Management can make you Safer and More Proactive!
You can watch our "No Safe Harbors" Webinar or read the "No Safe Harbors" White Paper by clicking here. You can ask for a no cost, confidential Cyber Risk Needs Assessment by clicking here,
Click here to learn how the DOJ Indictment of the North Korean hacker cites RiskSense as a resource they used, and one that predicted the WannaCry virus, before it happened! (See page 106 of the Indictment.)