Last updated on April 17, 2014 at 10:14 EDT

First EU-Report on Maritime Cyber Security

December 19, 2011

BRUSSELS and HERAKLION, Greece, December 20, 2011 /PRNewswire/ –

ENISA has published the first EU report
[http://www.enisa.europa.eu/act/res/other-areas/cyber-security-aspects-in-the-maritime-sector ]
ever on cyber security challenges in the Maritime Sector. This principal analysis
highlights essential key insights, as well as existing initiatives, as a baseline for
cyber security. Finally, high-level recommendations are given for addressing these risks.

Cyber threats are a growing menace, spreading to all industry sectors that rely on ICT
systems. Recent deliberate disruptions of critical automation systems, such as Stuxnet
[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis ], prove that
cyber-attacks have a significant impact on critical infrastructures. Disruption of these
ICT capabilities may have disastrous consequences for EU Member States’ governments and
social well-being. The need to ensure ICT robustness against cyber-attacks is thus a key
challenge at national and pan-European level.

Some key findings of the report
[http://www.enisa.europa.eu/act/res/other-areas/cyber-security-aspects-in-the-maritime-sector ]

        - Maritime cyber security awareness is currently low, to non-existent.
          Member States are thus highly recommended to undertake targeted maritime sector
          awareness raising campaigns and cyber security training of shipping companies, port
          authorities, national cyber security offices, etc.
        - Due to the high ICT complexity, it is a major challenge to ensure adequate
          maritime cyber security. A common strategy, and the establishing of good practices for
          technology development and implementation of ICT systems would therefore ensure
          "security by design" for all critical maritime ICT components.
        - As current maritime regulations and policies consider only physical aspects of
          security and safety, policy makers should add cyber security aspects to them.
        - ENISA strongly recommends a holistic, risk-based approach; assessment of
          maritime-specific cyber risks, as well as identification of all critical assets within
          this sector.
        - As maritime governance is fragmented between different levels (i.e.
          international, European, national), the International Maritime Organisation together
          with the EU Commission and the Member States should align international and EU
          policies in this sector.
        - Better information exchange and statistics on cyber security can help insurers
          to improve their actuarial models, reduce own risks, and thus offer better contractual
          insurance conditions for the maritime sector. Information exchange platforms, such as
          CPNI.NL, should be also considered and by Member States to better communications.

The Executive Director of ENISA, Professor Udo Helmbrecht comments;

“This report positions maritime cyber security as a logical and crucial next step in
the global protection efforts of ICT infrastructure.”

Maritime figures

        - 90% of the EU's external trade and more than 40% of the internal trade
          take place via maritime routes.

Consequently, securing the maritime sector’s critical infrastructure and the movement
of vital goods, e.g. food and health supplies, is a priority area for Europe.

For full report
[http://www.enisa.europa.eu/act/res/other-areas/cyber-security-aspects-in-the-maritime-sector ]

SOURCE ENISA – European Network and Information Security Agency

Source: PR Newswire