Company News
DEF CON 27: Addressing Maritime Cyber Risk for Operational Technology
According to a 2018 study by Ponemon Institute, the highest-rated cyber security concerns for 2019 are third-party risks, data breaches and attacks on operational technology (OT) assets. Chief among these concerns are the potential for significant disruption to business processes caused by malware and cyber attacks against OT infrastructure resulting in downtime to plant and/or operational equipment.
As the maritime industry continues to face an uncertain threat of cyber attacks and potential disruptions to critical assets and operations, ¹ú²úÂ鶹AV and ¹ú²úÂ鶹AV Group are driving new risk based solutions designed to help clients understand and manage cyber risk across IT and OT systems.
These topics were addressed by ¹ú²úÂ鶹AV Cyber Security experts at the recently held DEF CON 27 Hacking Conference in Las Vegas, which brought together a range of professionals working in the digital technology sector. Bringing its deep domain expertise to the forum, ¹ú²úÂ鶹AV was a main sponsor for the "Hack the Sea" inaugural maritime village located on the exhibit floor. The ¹ú²úÂ鶹AV booth featured a PLC Cyber Range device to represent a real-world OT asset found onboard a marine asset/vessel and which simultaneously demonstrated how IT and OT systems converge across a typical industrial control system.
Visitors to the ¹ú²úÂ鶹AV booth were encouraged to try and hack the device and learn more about the award-winning ¹ú²úÂ鶹AV FCI Cyber Risk™ Method for minimizing the risk of a cyber attack in an OT environment.
¹ú²úÂ鶹AV Senior Technical Advisor Cris DeWitt presented at the conference and outlined the latest status regarding U.S. policy in maritime cyber security. DeWitt also led a Maritime Policy Panel, which highlighted a path forward for both government and industry. The panel discussed roadblocks between regulators and developers/researchers across the maritime community as a key topic to resolve.
"Our presence at DEF CON 27 highlights our commitment to understanding both friendly and adversarial cyber issues," says Ian Bramson, ¹ú²úÂ鶹AV Global Head of Cyber Security. "Cyber security has become a business imperative. ¹ú²úÂ鶹AV and ¹ú²úÂ鶹AV Group are developing comprehensive solutions that address securing OT assets across the marine and offshore supply chain."
Powering its cyber security and risk reduction solutions, ¹ú²úÂ鶹AV developed the FCI Cyber Risk method to measure cyber security risks associated with operational technology and provide clients with a quantitative risk index for vessels, fleets and facilities. This groundbreaking approach quantifies cyber security risk and gives owners and operators an actionable strategy to reduce cyber risk onboard a vessel. Effectively, it places the controls for responding to cyber risks back into the hands of the asset owner. The model was developed following a two-year research contract with the Maritime Security Center—a U.S. Department of Homeland Security Center of Excellence—led by Stevens Institute of Technology and including the U.S. Department of Defense.
Explore our Risk and Safety Management services for Marine and Offshore.
¹ú²úÂ鶹AV ¹ú²úÂ鶹AV Group
¹ú²úÂ鶹AV, Inc. (¹ú²úÂ鶹AV Group) and its operating subsidiaries provide risk management solutions and certification services worldwide that help clients address the safety, integrity, quality and environmental efficiency of critical assets and operations. Headquartered in Spring, Texas, ¹ú²úÂ鶹AV Group operates with more than 1200 professionals across the globe, serving the marine and offshore, oil, gas and chemical, government, power and energy and industrial sectors. ¹ú²úÂ鶹AV Group is a subsidiary of ¹ú²úÂ鶹AV (), a leading marine and offshore classification society.