DEF CON 27: Addressing Maritime Cyber Risk for Operational Technology
According to a 2018 study by Ponemon Institute, the highest-rated cyber security concerns for 2019 are third-party risks, data breaches and attacks on operational technology (OT) assets. Chief among these concerns are the potential for significant disruption to business processes caused by malware and cyber attacks against OT infrastructure resulting in downtime to plant and/or operational equipment.
As the maritime industry continues to face an uncertain threat of cyber attacks and potential disruptions to critical assets and operations, ABS and ABS Group are driving new risk based solutions designed to help clients understand and manage cyber risk across IT and OT systems.
These topics were addressed by ABS Cyber Security experts at the recently held DEF CON 27 Hacking Conference in Las Vegas, which brought together a range of professionals working in the digital technology sector. Bringing its deep domain expertise to the forum, ABS was a main sponsor for the "Hack the Sea" inaugural maritime village located on the exhibit floor. The ABS booth featured a PLC Cyber Range device to represent a real-world OT asset found onboard a marine asset/vessel and which simultaneously demonstrated how IT and OT systems converge across a typical industrial control system.
Visitors to the ABS booth were encouraged to try and hack the device and learn more about the award-winning ABS FCI Cyber Risk™ Method for minimizing the risk of a cyber attack in an OT environment.
ABS Senior Technical Advisor Cris DeWitt presented at the conference and outlined the latest status regarding U.S. policy in maritime cyber security. DeWitt also led a Maritime Policy Panel, which highlighted a path forward for both government and industry. The panel discussed roadblocks between regulators and developers/researchers across the maritime community as a key topic to resolve.
"Our presence at DEF CON 27 highlights our commitment to understanding both friendly and adversarial cyber issues," says Ian Bramson, ABS Global Head of Cyber Security. "Cyber security has become a business imperative. ABS and ABS Group are developing comprehensive solutions that address securing OT assets across the marine and offshore supply chain."
Powering its cyber security and risk reduction solutions, ABS developed the FCI Cyber Risk method to measure cyber security risks associated with operational technology and provide clients with a quantitative risk index for vessels, fleets and facilities. This groundbreaking approach quantifies cyber security risk and gives owners and operators an actionable strategy to reduce cyber risk onboard a vessel. Effectively, it places the controls for responding to cyber risks back into the hands of the asset owner. The model was developed following a two-year research contract with the Maritime Security Center—a U.S. Department of Homeland Security Center of Excellence—led by Stevens Institute of Technology and including the U.S. Department of Defense.
Explore our Risk and Safety Management services for Marine and Offshore.
About ABS Group
ABS Group of Companies, Inc. (www.abs-group.com), through its operating subsidiaries, provides technical advisory and certification services to support the safety and reliability of high-performance assets and operations in the oil, gas and chemical, power generation, marine, offshore and government sectors, among others. Headquartered in Houston, Texas, ABS Group operates with more than 1,000 professionals globally. ABS Group is a subsidiary of ABS (www.eagle.org), a leading marine and offshore classification society.