• Home
  • Categories
    • Protection
    • Hostile Environment
    • Industry News
    • Intel
    • Career Advice
    • Surveillance
    • Cybersecurity
    • Maritime
    • Risk Management
    • Fitness
    • Medical
    • Training
    • Equipment
    • Reviews
  • Daily Briefing
  • Subscription
  • The Magazine
  • Podcast
  • Contribute
  • Advertise
  • Contact Us

Circuit Magazine

For Security & Protection Specialists

Get free circuit subscription with BBA membership
You are here: Home / Archives / Cyber-Security Offshore

Cyber-Security Offshore

Online Data Security Concept Illustration with Padlock Icons, Cyber Background and Circuit Board Elements. Internet Security Technologies.

The New Virtual Battlefield?

Our reliance on Information & Communications Technology (ICT) is stemmed deep in our everyday lives in the modern world and the Maritime and Offshore Oil & Gas industries are no different at all. Whether it’s the internet (for business or pleasure), dynamic positioning, navigation, GPS or crew welfare terminals, all these come with vulnerabilities that can be exploited by cyber criminal’s intent on causing operational disruption, financial loss, reputational damage or worse still potentially loss of life.

Over the past few years, we have seen many breaches of cyber-security offshore in the maritime and offshore oil and gas sectors including the tilting of oil rigs, malware riddled platforms and even port facilities industrial controls systems being hacked. Despite these incidents, there seems to be a distinct lack of awareness throughout organisations. From the research JWC have conducted over the last 12 months for a study with the Company Security Officers (CSO) Alliance and Coventry University, entitled ‘Cyber Security; The Unknown Threat at Sea?’, we had the pleasure of speaking to security and risk professionals from across the maritime and offshore industries. The purpose of the investigations, which were part of an overall assessment of offshore risk management was to identify how shipping companies and major offshore oil and gas producers managed the cyber threat and how well they understood the risks associated with a cyber-attack.

The findings were somewhat surprising for me as I made the mistake of assuming that most HSSE managers would be taking an orthodox risk-based approach to managing the cyber threat (and many were) but more than 50% of the personnel questioned did not believe cyber was a security or safety issue and referred me directly to their IT departments for further discussion and investigation. Many organisations I visited did not implement cyber or ICT usage policies or procedures, although this was more prevalent in the shipping industry and less so in the offshore oil and gas sectors, the findings were still significant.

It occurred to me that the maritime and offshore sectors are playing a dangerous game and the stakes are extremely high. In a world of globalisation and interconnectivity, cyber security is a threat that needs to be taken more seriously and management need to take responsibility sooner rather than later. At a recent conference I attended in London, it was highlighted that more than 80% of identified cyber security and information security breaches and related incidents offshore are as a direct result of human error, this tells us we need to start getting the basics right before we invest on advanced (and expensive) technical mitigation measures. Training and awareness for personnel are one of the biggest vulnerabilities right now and with the clear deficiencies that do not necessarily require significant investments, the offshore oil and gas sectors are high profile, lucrative and attractive targets for criminals and ‘hack-tivists’.

When you combine the absence of training for personnel, the lack of a clear and understood policy, with the current economic climate and add some fierce competition for business, it creates a natural increase in the risk appetite that security and safety managers may not be fully aware of. We are seeing many energy firms combining Industrial Control Systems (ICS) with much wider networks for the purpose of quicker information exchanges across the operational environment.

Although this may be more cost-effective and offer speed and efficiency, it also creates more vulnerable junctions within the system, that can leave operations significantly exposed to the outside world. If systems are attacked or compromised this could quickly lead to an operational shutdown, which would be catastrophic for all stakeholders concerned.

As more companies continue to increase internet access offshore for operational and also welfare purposes, it comes with an increased risk of suffering a cyber-attack at sea. The Offshore Sector and International Shipping and Logistics environments, including port facilities too are becoming more complex with less dependency on manual systems by advancing to more automated technology. For a multitude of reasons and as highlighted earlier, we are beginning to see an increase in Information Technology ( I.T.) and Operational Technology (O.T.) networks being connected together at sea which are also connected to the Internet. It is no secret that many ships and nearly all offshore oil and gas process plants are online 24/7 these days and protecting vital digital infrastructure against cyber-threats is paramount in ensuring a safe and secure operational workplace and also optimal productivity at all times.

It is often said that complacency is simply a lack of awareness and training and the offshore and maritime industries need to do more to ensure they are not the next victims on the cyber battlefield!

Top 5 Cyber Security Vulnerabilities at Sea

1. Cyber Security Training & Awareness

2. Highly Vulnerable & Outdated Industrial Control Systems

3. Lack of Information Security Policies

4. Insufficient Separation of Data Exchange Networks

5. Poor Network Protection Between Onshore & Offshore Operations


 

Jordan Wylie has spent the last 7 years Jordan has spent the last 7 years as a maritime security advisor to governments, international shipping companies and offshore oil and gas majors worldwide. Jordan holds a Bachelor’s Degree in Security & Risk Management and a Masters in Maritime Security Operations. He is the Principal Consultant at JWC International and the Managing Director of Sovereign Global. Jordan pioneered the global ‘Be Cyber Aware At Sea’ campaign, which is a non-profit initiative to raise awareness of increasing cyber threats to ship-owners and seafarers.

Buy The Latest Issue

Sign Up For News and Updates

We respect your privacy and will not share your information with anyone.
We will only message you when we have something relevant and of value to share with you.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Issue

Circuit magazine cover issue 55

Issue 55

Buy Now

Latest Industry News

Industry News October 2020

We cast our eye over the main stories impacting the security industry. Here’s what’s appeared on the radar since the last issue.

Security industry News Brought to you by the Circuit Magazine

Industry News

We cast our eye over the main stories impacting the security industry, including, Kanye West’s former bodyguard is calling the rapper a “bully” and is threatening to sue for damages after West accused him of breaking a confidentiality agreement.

Industry News

We cast our eye over the main stories impacting the security industry. Here’s what’s appeared on the radar since the last issue.

Security industry News Brought to you by the Circuit Magazine

Security Industry Association Announces New SIA Women in Security Scholarship Opportunity

“The SIA Women in Security Forum works to grow and retain leaders in the security industry,” said Gloria Salmeron, director of human resources at Brivo and co-chair of the scholarship committee. “With the addition of this new scholarship, we look forward to helping bring opportunities for further education and advancement to as wide a spectrum of people as possible and inviting individuals to participate in the Women in Security Forum.”

Tactical Firearms - Cross-Draw

Tactical Firearms – Cross-Draw

It is believed that this is the safest method of carry because when the handgun is drawn from the holster, it points in a straight line directly at the target. The cross-draw is where the gun is on the opposite side of the body to the dominant hand, so you have to reach across the body to draw the handgun.

Product Review earHero

Product Review – Ear Hero

Designed by an audiologist, earHero’s speakers are so tiny they will never block your ear canal giving you the ability to literally talk on a separate phone without removing the earHero tactical earpiece from either ear.

You can literally hear whisper level sounds from yards away, while identifying the sounds’ precise location. The earHero tactical headsets have wires so thin and clear, they are virtually undetectable, and the design is so comfortable, you’ll barely know the earpiece is there.

Introduction to Cybersecurity Part 4

Insecure Smart Houses

They are only of limited relevance today, but as the technologies involved become more widespread and implemented into every facet of life they will only become more prevalent. While it sounds like the stuff of science fiction, these threats exist now and are not going to go away.

For simplicity, we’ll say that a ‘smart’ device is anything which connects to the internet (or a network) and is not intended to be a computer interface. Intended is the key word there, as many of these devices are insecure for the simple reason that they are a computer. The problem is that it is now cheaper and easier to put a general purpose computer into a device and run some software to, for example, turn lights on and off than it is to design a single-purpose lightbulb which also connects to a network.

Global Risk

Global Situation report provided by Stratfor

Global Situation Report October, 2020

Having informed insight in today’s increasingly complex international environment is more important than ever. That’s why we’ve partnered with Stratfor, the worlds leading geopolitical intelligence platform, to bring readers regular analysis and accurate forecasting of global trends from someone you can trust.

Popular Tags

Afghanistan armed attack Bodyguard Bodyguarding Celebrity client Close Protection Close Protection Officer Elijah Shaw Executive Executive Protection fight firearm gun Intelligence Iraq Law Enforcement Medical military News online police Prevention professional protect protection PTSD Risk Risk Assessment Risk Management Safety Security Security Incidents Security Industry Authority SIA Social Media Surveillance terror Terrorism terrorist Threat train Training VIP

On The Frontline

Keeping Your Edge – Measured Responses in Tour Security (Part II)

In the first part of this ongoing series, we discussed the challenges faced by Protectors who work with entertainers … >>>

Due Diligence and Why It Is Required

The vast majority of problems people have with business deals, investments and their personal life could be avoided if … >>>

Be Streetwise and Think Like a Criminal

When people come to me for tactical pistol training I tend to ask them why they want to do the class and carry a … >>>

Follow us

  • Email
  • Facebook
  • Twitter

From The Archives

Global Incidents: 16 September 2013

Global Incidents: 16 September 2013   Critical Information Afghanistan: 27 miners killed in collapse. Colombia: … >>>

Icon course review

ICON Advanced EP – Course Review

ICON Advanced Executive Protection Course Review   When I made the choice that I was going to make a move into the … >>>

Training for Survival

  Training Provides Realistic Instruction On How to React In Active Shooting Incidents In an international age … >>>

Working Girl: Female Bodyguards

I've been traveling around the UK on a CP job for the past few months but was also lucky enough to be part of the … >>>

  • Terms And Conditions
  • Magazines
  • Privacy Policy
  • Archives

© 2021 Circuit Magazine · Rainmaker Platform

This website or its third-party tools use cookies which are necessary to its functioning and required to improve your experience. By clicking the consent button, you agree to allow the site to use, collect and/or store cookies.
I accept