Topics:
ENISA calls for increased maritime cybersecurity guidance
The European Union information technology agency is calling on members to add maritime industry cybersecurity as a matter for possible state regulation.
In a report posted online Dec. 19, the European Network and Information Security Agency notes that Europe in 2010 depended on maritime transport for 52 percent of its traffic in goods. But, awareness of cybersecurity challenges in the maritime sector "is currently low to non-existent."
That observation applies to all layers of organization within the maritime sector, from governmental bodies, port authorities to maritime companies themselves, ENISA says.
Partly that's because there are a low number of known cybersecurity incidents affecting maritime interests, the report says--but there are virtually no mechanisms in place for EU members to specifically report maritime sector data breaches or system intrusions, it adds.
As a result, member states should undertake a review of current law with an eye toward establishing whether updates are necessary to make cybersecurity a part of maritime regulations, ENISA says. At a minimum, states should establish a governance mechanism with identified roles and responsibilities of key public- and private- stakeholders, the report says.
ENISA also calls for creation of detailed cybersecurity guidance and best practices for maritime IT at an international level with consensus from the United Nations' International Maritime Organization, the European Maritime Safety Agency, ENISA, and users.
The trend of port privatization adds further urgency to the need for maritime security requirements, the report also says. Major European ports already privatized include Piraeus, Thessaloniki and Stockholm, with Hamburg currently in the process of being privatized.
For more:
- download the ENISA report, "Analysis Of Cyber Security Aspects In The Maritime Sector" (.pdf)
- see a ENISA press release on the report
Related Articles:
E.U. body outlines broad security goals for industrial control systems
EU agency warns of voluntary surveillance society
Comments