Why Cyber Resiliency Is Often Neglected

How to Take Cyber Resiliency Seriously

You might think that investing in cyber resiliency would be one of the most obvious steps for maritime and logistics businesses to take today. After all, cyberattacks against ports, shipping and logistics companies surged by as much as 400 percent during the pandemic, and there is no sign that they’ll slow down, with small, medium and even mega players (such as Expeditors in 2022) being severely hit.

Yet the reality is that maritime and logistics service providers continue to under-invest in resilience. If they didn’t, you’d expect the pace of cyber attacks in this industry to slow down because attackers would realize that maritime businesses weren’t such easy targets.

The 9 trillion dollar (that was the estimated total value of the global logistics industry last year) question, then, is why companies in this sector continue to neglect cyber resilience. We think there are a variety of factors at play, and it’s only by understanding each one that it becomes possible to get buy-in for building cyber resilience across the maritime industry.

So, why is it that maritime cyber resilience continues to receive less attention and investment than it should? And what can businesses do about it?

Key reasons for neglect

Probably the biggest reason is that senior management often fails to see the value of cyber resiliency. They believe that their organizations are already primed to handle a crisis, and don’t understand why they need to invest in training, cyber drills and other resilience initiatives.

A related challenge is that management tends to underestimate the seriousness of cyber threats. Many believe that attacks can be detected and stopped quickly enough – not realizing it takes 327 days, on average, to identify breaches, according to IBM.

The idea that investing in cyber defense negates the need for building cyber resiliency also helps to explain why we see less than we should of the latter. Businesses wrongly assume that as long as they have protections in place to defend against attacks, they’ll be able to block breaches before they cause harm. The reality, of course, is that even the strongest cyber defenses can be breached, which makes it critical to have a plan in place for recovering quickly.

A final major challenge is lack of accountability for resilience. In most organizations, specific teams – typically, IT and cyber security departments – are responsible for handling cyber protection and attack detection. But there’s usually no specific set of stakeholders for cyber response, crisis management and business continuity. Indeed, there can’t be a single group of stakeholders for these tasks, as these are operations that require participation across the business, including technical teams, non-technical employees and management.

Still, since no single person or group “owns” cyber resilience, resilience planning can easily fall by the wayside. 

How should you be going about building cyber resilience?

Taking charge of your cyber resilience 

Those are the causes of the problem. Now, let’s talk about solutions, and what it takes to build an effective cyber resilience strategy, something that Help Net Security calls a “top priority.”

There are four stages to the process:

  • Assessment: Before embarking on a cyber resilience program, you must assess your current response and recovery capabilities, identify strengths and weaknesses and determine which processes and systems you need to improve to build effective cyber resilience.
  • Planning: Next, design a crisis management program tailored to your needs. Your program should identify who will serve on the crisis management team, define roles and responsibilities, lay out internal and external communication plans, identify which third parties may need to play a role in resilience and provide templates, documents and meeting agendas for your teams to use during response and recovery operations.
  • Establish business continuity: In addition to planning response operations, determine how you’ll manage business continuity during a severe cyber attack. Your approach will need to be tailored to your business. For example, a shipping company may need to consider how it will continue booking and releasing cargo and communicating with operational business partners during an attack. A terminal would need to consider how to manage marine, yard and gate operations in the event its normal systems became inoperable due to an incident.
  • Practice: Last but not least, practice your cyber resilience strategy. Testing the plans allows you to find gaps and inconsistencies. It also builds “muscle memory” so that your team can react as quickly as possible during a real incident.

When you work through these four stages, you get a cyber resilience plan that maximizes your ability to steer your business through even the most severe cyber attacks.

Adopting a cyber-resilient posture

It’s pretty clear that companies should invest in cyber resilience, especially in industries like maritime and logistics, which are under siege by attackers. And resilience planning is not as difficult as it may appear – especially if you have an expert partner to guide you through the resilience planning, response and recovery processes.

This is where Cyberstar comes in. In addition to helping maritime companies plan and practice cyber resilience strategies, we provide immediate remote support 24/7 as well as on-site support within 12-24 hours (depending on location) whenever an attack occurs. Want to hear more?
