Inmarsat is launching a unified threat management (UTM) solution to take away cyber security risks.
The solution – which will be available later this year – will be embedded within existing hardware onboard and is described as a ‘virtual machine’ that can be provisioned at any time, to provide data inspection and protection for the cyber security of the vessel by inspecting all traffic flows through the onboard controller. “If a server or client is compromised, it can be isolated automatically and keep the rest of the network clean,” explained Inmarsat senior vice president for safety and security services Peter Broadhurst. All incidents are reported back to the portal so that the ship operator can be alerted to any cyber security breaches and take corrective action.
Mr Broadhurst said: “It is not just a take-off-the-shelf product used in a sector such as finance; instead we have made it more specific to the maritime industry, tailoring it to how marine data traffic works.”
Therefore, it doesn’t impact the business traffic of the vessel, as all anti-virus and configuration updates, events and alarms are transmitted outside customer bandwidth, with the software managing all incidents completely for the shipowner.
Current customers of Fleet Xpress can upgrade to the service.
Mr Broadhurst highlighted the greatest cyber security risks: “One of the largest issues is the way that crew operate IT; they can download malicious software by clicking on the wrong links, thereby compromising the network.” To combat this, ship operators need to offer training in this area, which is something that the UTM can work alongside, Mr Broadhurst said, by reporting about what is happening on the vessel in real-time so that operators can see if training is making a difference. “This makes it a good feedback loop, and means training is not just a case of ticking a box,” he said.
Inmarsat is part of a joint industry initiative, along with class societies, the International Chamber of Shipping and the International Union of Marine Insurance among others, to drive awareness of cyber security, so that ship operators can take pragmatic steps to increase security.