Cookies help us deliver the best experience on our website. By using our website, you agree to our use of cookies Dismiss

New GTMaritime solution protects shipboard systems from cyber-threats before they emerge

Jamie Jones, operations director, GTMaritime. Image Courtesy of GTMaritime. Jamie Jones, operations director, GTMaritime. Image Courtesy of GTMaritime.

A new solution from GTMaritime counters a major cyber security weakness of ships at sea today by deploying critical software and security patches to protect shipboard systems before threats emerge. GTDeploy provides a software deployment platform to deliver security updates to ships wherever they are in the world ‘in the background’ without requiring intervention by IT staff or distracting crew.

{mprestriction ids="1,2"} Hackers actively exploit the lack of urgency given by organisations to updating software, even though software patch management can be as vital to cyber-risk management as overtly defensive measures such as email filtering, network segregation and unified threat management. GTDeploy has been designed to make patch management integral to the maritime IT environment.

GTDeploy supports automatic updating – as seen on smartphones – for pushing out software fixes as soon as a newer version becomes available. It can add, refresh or uninstall security updates, patches or entire applications and gives fleet IT managers the flexibility to prioritise updates based on urgency and chose when and/or where they take place.

GTMaritime head of operations, Jamie Jones, said: “Software updates get pushed down the list of priorities for a variety of reasons. Sometimes there are simply more immediate problems that need dealing with but often this is to do with pressure on budgets: the cost of sending someone out to a vessel may be hard to justify. GTDeploy removes that pressure.”

Whether updates are better performed when a vessel is under way or postponed until reaching port, GTDeploy allows applications to be managed through an intuitive drag-and-drop dashboard interface. Its use saves ship operators time and money by reducing the logistical burden of either manually updating every PC remotely or sending IT personnel or local agents to visit ships in person.

GTDeploy is airtime agnostic, which means it will function regardless of the type and capability of satellite communications set up on a ship. This is particularly relevant for mixed or managed fleets, where ships have different hardware and varying configurations. If an application needs additional library files, for example, these are fetched automatically and included in the transmission package.

GTDeploy helps vessel owners cope with the proliferation of software onboard as the industry embraces digitalisation and transitions to data-centric operating practices. “As the number of onboard systems multiply and complexity grows, so does the urgency and resources needed to maintain them,” said Jones.

GTDeploy paves the way for a more pro-active approach to managing onboard software, he adds. With cyber-security due to come under the scope of Safety Management System of the ISM Code from next January, vessel operators must demonstrate that robust and systematic processes are in place to address vulnerabilities and reduce exposure to malicious code. 

GTDeploy is built on FastNet, a data connectivity platform developed by GTMaritime to manage ship/shore data flow intelligently as shipping companies embrace and transition to a more digital way of working. It comprises a package of services for encrypting, compressing and prioritising data communications to make best use of the satellite link and available bandwidth. {/mprestriction}

Related items

  • Shipping technology veterans join CyberOwl’s Strategic Advisory Board

    Cybersecurity company CyberOwl has welcomed two shipping technology and innovation veterans to its Strategic Advisory Board.

  • Changes to cybersecurity insurance

    In recent years there has been a marked increase in cyber-criminal activity. Put simply, as technology advances, so too do the skills of those seeking to exploit it. The growth of IoT provides ‘bad actors’ with more devices and connections to target, allowing them to become more sophisticated. These developments have contributed towards a huge uptake in cyber insurance in recent years. Now though, victims of ransomware attacks have begun to pay. Attacks and breaches now dominate the IT security news headlines. It stands to reason then that insurers must act, so here we look at changes to cybersecurity insurance in the wake of this rise in cyber-crime.

    Top Tip: Check your cybersecurity insurance policy today

    We would recommend a call to your broker, as the previous terms are almost certainly going to be different. Ask about new services too, and of course ensure that you have robust cybersecurity practices in place. This will be subject to higher levels of scrutiny moving forwards, and rightly so. 

    The cybersecurity insurance industry gathers momentum

    In line with the acceleration in cyber-crime, cyber insurance has experienced a fertile period. More policies than ever before have been issued, and the amounts of protection available have increased. In 2020, according to sources at Harvard Business Review, the first $1 billion cyber insurance programmes were launched. This is not difficult to imagine when you see the results of recent cybersecurity-related surveys. For example, the Hiscox Cyber Readiness Report 2021 revealed a 50 per cent year-on-year increase in 2019 for cyber losses. It also revealed that businesses were devoting more resources to cybersecurity than ever. Further key findings are as follows:

    • 2020 saw more companies targeted by criminals than in the previous year
    • Of those suffering attacks in 2020, more than a quarter (28 per cent) were targeted over 5 times
    • The companies who took part revealed that they allocated 21 per cent of their IT budget to cybersecurity (this was up 63 per cent when compared to the previous year’s survey)
    • 59 per cent of businesses with 250+ employees felt more vulnerable to cyber-attacks since the start of the COVID-19 pandemic

    Coronavirus has certainly had a huge impact on most, if not all sectors. Organisations the world over have lost vast sums of income, with many succumbing to their losses. It has subsequently made some view cyber insurance as a luxury. Yet there is another, far more critical issue to cybersecurity insurance that is ‘changing the playing field’.

    Ransomware and the cybersecurity insurance landscape

    Ransomware is perhaps the foremost cybersecurity threat. According to CRIBB Cyber Security’s Patrick Carolan, “it (ransomware) has achieved a lot of success in recent years. Ransoms were set at relatively low amounts and were largely ignored. Nowadays, I believe that the average is over $100,000. They are often paid now too, which means that insurance companies must adopt a more robust approach.”

    During the period of growth, many cyber insurers retained 60 per cent on every dollar paid in premiums. Security frameworks, policies and procedures of clients were often not thoroughly examined. Their level of cybersecurity awareness was largely overlooked. Carolan foresees a huge change in this:

    “A lot of the people in cybersecurity insurance are leaving that area of the industry. Some are point-blank refusing to insure for ransomware. The ones that remain are therefore charging a lot more and insuring for less. They are also asking for a much higher level of proof of strong cybersecurity controls before issuing any policies.”

    The future of cybersecurity insurance

    It is difficult to predict exactly what lies in store for those seeking cybersecurity insurance. However, it does seem likely that:

    • Premiums will be far higher
    • Coverage will shrink
    • There will be fewer outs
    • There will be limited options
    • Stronger requirements will be enforced

    Carolan points out the ransomware attempts at cyber insurance companies as being key. “Cyber-criminals can uncover how much ransom they could demand from potential targets. They can find this information directly or through the cybersecurity insurance companies they use. It is vital then to protect cybersecurity policies. I would say you should remove them altogether from areas where they could be found.”

    There have been cases where insurance companies have stated they will not pay any ransoms. Subsequently, they have been the victims of attacks. It is clear then that the industry is in a vulnerable position right now.

    Top Tip #2: Conduct vulnerability scans before opting for insurance

    As stated previously, requirements for insurance are (understandably) becoming more stringent. Some companies are even implementing external vulnerability scans themselves. It makes sense then to carry out a scan beforehand, and CRIBB can help.

     This article has been republished with permission from CRIBB Cyber Security. Read the original article here.

  • Marlink adds new services to ITLink

    Marlink has expanded its IT management solution, ITLink portfolio, with the addition of two new service options.

  • IEC Telecom and GTMaritime launch MarineStar E-Lite

    IEC Telecom and GTMaritime have partnered to deliver two vital services over one company antenna, with minimal bandwidth requirements. The connectivity package, MarineStar E-Lite, provides voice and data services that are optimised for smaller vessels.

  • ClassNK adds new cybersecurity training service

    ClassNK Consulting Service (NKCS) has added a new course named "Maritime Cyber Security Technical Course (Attack Method) for Responsible Officers in Land" for its e-learning cybersecurity training service.

Joomla SEF URLs by Artio

Login/Register

Register or Login to view even more of our content. Basic registration is free.

Register now

Newsletter

Guide to Helicopter/Ship Operations

Digital Ship magazine provides the latest information about maritime satellite communications technology, software systems, navigation technology, computer networks, data management and TMSA. It is published ten times a year.

 

Address:
Digital Ship Ltd
Digital Ship - Digital Energy Journal
39-41 North Road
London
N7 9DP
United Kingdom

Copyright © 2020 Digital Ship Ltd. All rights reserved           Cookie Policy         Privacy Policy

x