Over the last couple of years, the maritime industry has become the newest target for cyberattacks – to the tune of a 400% increase. Whether for a shipping company, a logistics provider or a port operator, cyber simulations are the most cost effective method to test your business’ resilience, ensuring that it is specifically tailored to your company.
What precisely is a cyber simulation?
There are several elements that make up a cyber simulation, from the teams involved, to the specific goals and requirements.
A cyber security simulation involves various internal and external stakeholders depending on the individual company. Internal stakeholders should include C-level executives, IT and information security teams and possibly mid-level management as well. Of the external stakeholders, it can be beneficial to include not only legal representatives, but PR and insurance teams as well.
The goal of the cyber simulation is to prepare teams for what needs to happen in the event of a cyber attack. This means training participants in effectively managing and addressing both business, technical and logistical dilemmas, which could arise, specifically with the aim of increasing cyber resilience. Throughout the simulation, participants will be required to think, act, and make decisions as if the scenario were real. The more “real” it feels, the more your company will learn from the simulation and the greater the potential future benefit in the event of a real incident.
Benefits of a cyber simulation
There are multiple benefits to be taken from a properly conducted cyber simulation:
- It supports the development of tangible business continuity contingencies, including considering which aspects of the business to protect and restore first. This can mean putting all efforts into protecting customer accounts or to controlling the media narrative following the incident.
- Senior management and relevant team members will have an increased awareness of cyber threats and the potential implications.
- Everyone involved will develop the necessary “muscle memory” of how to respond during an attack. This in turn builds organizational confidence as well as teams’ capability to respond effectively. A recent study found that 78% of cybersecurity professionals believed that cybersecurity drills had allowed their organizations to be better prepared to respond to any future cyber threat.
- Security gaps in existing response plans and technology will surface and can be addressed.
- Responsibilities can be documented and assigned appropriately; from management, to the IT team, maritime operations team and everyone else involved.
Bonus! There is additional motivation to invest in cybersecurity following a cyber simulation. In fact, a recent study by Osterman Research, found that 45% of respondents said that after a cyber drill they were able to increase their security budgets.
The scope and objectives of a cyber security simulation?
There are several questions you need to consider before starting out. To begin with, what specifically are you planning to practice? Are you focusing on training the IT team on how to continue minimal port functions running when certain core systems are down? Or placing the emphasis on protecting customer account data, dealing with the inevitable PR crisis and stakeholders’ questions.
This will lead onto the next question to consider: who specifically should be involved. From C-level executives to mid-level management and down to individual junior team members. Following this, you need to consider precisely which crisis scenarios are you planning to focus on: which key issues and dilemmas are you planning to practice? This could be a ransomware attack with cybercriminals threatening to release sensitive data, or malware with a breach of your systems. Without this focus, your teams will not be able to effectively drill their response and the benefits of the simulations will be significantly diminished.
Running a successful cybersecurity exercise
Having decided on the general scope of your cyber security simulation, there are a number of tips that can ensure your business gets the most out of it:
- No two companies are exactly alike. Therefore an effective exercise should be tailored specifically to your business, will take several weeks to develop, and will include realistic situations and scenarios. A small terminal in New Jersey does not face the same challenges as a major terminal in Singapore, even from a regulatory point of view.
- Conducting individual interviews and group workshops in preparation will significantly enhance your chance of success. It will also boost the confidence level of the participants as they will understand what to expect and be able to anticipate which skills they will be working on
- It is important to develop content and tasks for each participant, to keep them engaged in the simulation. IT can have tasks relating to core systems crashing, while management might be more involved in handling PR and answering stakeholders questions.
- Consider nominating internal observers. An insider will always have a better understanding and view of the company as a whole and will therefore be able to contribute important insights into the simulation. They can see who could personally handle more or different responsibilities or which team needs to report to which manager.
- Conduct a participants’ survey and “hot debrief” while everything is fresh in everyone’s minds. This way, you will get an immediate reaction; how each person felt they handled the simulation, what they learned and what, if any, questions they still have.
Post Simulation – security gaps you may discover:
Your simulation will surface cybersecurity gaps This is called getting your money’s worth, as it is precisely this which allows you to make the necessary adjustments.
Some common issues and questions that might arise:
- Do we have the tools and knowhow to conduct an effective assessment of an emergency situation in order to make decisions about how to handle next steps?
- Which of our systems are most at stake? Or vulnerable? And do we have practical contingencies for our critical business processes?
- Do we have the right crisis management structure in place?
- Is our communication strategy and plan up to date and tangible?
- Are we fully aware of regulatory and legal requirements and their implications?
- Is everyone clear on their roles and responsibilities?
- Will we be able to maintain (some) operational continuity and customer support during an attack?
- Have we mapped out and prioritized the key external stakeholders?
- Do we have updated check lists, to-do lists, communication lists?
And at the end of the day…
Running cyber simulations is the most cost effective way to prepare for a potential maritime cyber attack. Despite this, a shocking 78% of companies don’t have a cross-organizational crisis response plan, and of those who do, 54% simply do not test it regularly, which makes it essentially ineffective..
The bottom line is that companies that conduct drills are significantly better prepared and more organized and effective when a crisis hits. Added to this, the cost benefits are substantantial – the ability to get back to business faster, significantly reduces the amount of money that is lost on business being halted.
Cyberstar’s consultants help organizations lower cyber risk, strengthen organizational processes and ensure that when attacks happen, recovery is faster and business continuity is ensured. Don’t wait, call us today for a consultation about your next cyber simulation.