According to a new study commissioned by Inmarsat, the maritime industry has one of the most favourable attitudes towards the adoption of analytic, management and operational tools based on the internet of things (IoT).
The report, to be published on 26 June and based on 750 interviews, provides a detailed account of attitudes towards IoT and digitalization in the maritime, transport and logistics, energy, mining and agriculture sectors. According to the respondents, IoT solutions will attract a larger share of their IT budget in comparison with other technologies.
In the maritime industry, a number of reasons have been given for the implementing, or planned implementation, of IoT solutions. They include:
- reducing costs,
- optimising shipping routes,
- monitoring fuel consumption to comply with fuel efficiency regulations, and,
- cutting insurance premiums
However, only 25% of respondents are developing new IoT security policies. Yet cyber attacks remain a danger for the maritime industry especially with an increasing number of components that are connected and communicating with each other. Security concerns emerge as larger systems may be targeted through their connected components.
A recent presentation by Pen Test Partners (PTP) at the Infosecurity Europe conference demonstrated multiple methods for attacking shipping vessels due to weak default passwords, failure to apply software updates and lack of encryption. PTP was able to do so using Shodan, the IoT search engine which also publishes a ship tracker.
International Standards to protect critical infrastructure systems.
Many organizations rely on the ISO/IEC 27000 family of International Standards for information security management systems (ISMS) to keep their information assets secure. This family of Standards developed by ISO/IEC JTC 1/SC 27: IT security techniques.
IEC TC 80: Maritime navigation and radiocommunication equipment and systems, has developed IEC 61162-450:2016. In parallel, TC80 has developed IEC 61162-460:2018 to expand requirements when there is a need for enhanced safety and security standards.
Cyber security is the focus of the IEC Conformity Assessment Board (CAB) Working Group (WG) 17 and IEC Conformity Assessment for Electrotechnical Equipment and Components (IECEE) Certification Management Committee Task Force.