DNV’s report found that 75 per cent of the 801 industry professionals surveyed believe that operational technology is a significantly higher priority for their organisation than it was two years ago
Assurance and risk management services provider DNV has found that more than half of maritime professionals think their organisation needs to increase cybersecurity investments, according to its Maritime Cyber Priority 2023 report
The report, which explores the changing attitudes and approaches to cybersecurity in the maritime sector, found that 75 per cent of the 801 industry professionals surveyed believe that operational technology (OT) – which manages, monitors, controls and automates physical assets such as sensors, switches, safety and navigation systems on vessels – is a significantly higher priority for their organisation than it was two years ago.
“The maritime industry is still thinking IT in an era of connected systems and assets,” said Svante Einarsson, head of maritime cybersecurity advisory at DNV. “With ship systems being increasingly interconnected with the outside world, cyberattacks on OT are likely to have a bigger impact in the future.”
Additionally, DNV revealed that insufficient funding is the maritime sector’s biggest barrier to greater cyber resilience in 2023. Most survey respondents say that the strongest motivation to unlocking cybersecurity funding lies in businesses needing to comply with new security rules such as the IACS Unified Requirements and the European Union’s NIS2 Directive from 2024.
“Regulation only sets a baseline for cybersecurity,” said Svante Einarsson, head of maritime cybersecurity advisory at DNV. “It doesn’t guarantee security. Rather than taking it as our goal, the maritime industry should use it as a foundation on which to further improve and adapt to the changing threat landscape.
“Our research indicates that the industry needs to take big steps forward in openly sharing cybersecurity experiences – the good, the bad and the ugly – to collectively create security best practice guidance for a safer, more sustainable maritime sector.”
With connected technologies due to play a crucial role in the security of cruise and ferry operations, 85 per cent of maritime professionals are also looking to use these solutions to reduce emissions across the industry.
“Cybersecurity is a growing safety risk, perhaps even ‘the’ risk for the coming decade,” said Knut Ørbeck-Nilssen, CEO of maritime at DNV. “But crucially, it is also an enabler of innovation and decarbonisation. Because as we pursue greener, safer, and more efficient global shipping, the digital transformation of the industry is deeply dependent on securing these interconnected assets. Making it vital that we work collaboratively to strengthen our collective cybersecurity.”
DNV’s report recommends that the industry considers cybersecurity as an enabler, treat cyber risks like safety risks in an operational setting, develop a strategy for more effective training, and more.