The increasing concern of cyber-attacks

By Frédéric Denèfle, Legal & Claims Manager at GAREX, France, and IUMI Legal & Liability Committee Chairman

The recent Willis Towers Watson report, published in October 2016, is a breakthrough in understanding cyber risk threats for the transportation sector as a whole, including shipping.

The annual IUMI Conference in Genova this year served as a useful platform to discuss the methodology behind safeguarding a ship owner’s internal IT system from cyber-attacks. Two presentations were given during the Legal & Liability workshop, one by Yohan Le Gonidec, TECNITAS  and the other by Aron Sorensen, BIMCO, detailing the means and tools a ship owner needs in order to tighten up their IT system to be protected from such threats.

BIMCO’s guidelines and presentation on cyber security addressed not only the concept of a cyber risk attack, but also the various processes which should be safeguarded. The TECNITAS presentation provided us with the methodology to build a protective fence, using both technical and internal human resources, to reduce the risk. 

The new Willis Towers Watson report gives precise examples of key cyber-attack targets within the transportation industry, which is at the heart of IUMI’s business. The report highlights the concern of the whole transportation industry, and how this new risk could materialise. With recent experiences of losses and some loss scenarios, these can now be clearly analysed and quantified.   

This creates a strong pillar for IUMI to monitor the various underwriting issues that marine and transportation insurers may face, and allows for open dialogue with all stakeholders exposed to these technical threats.

Technical developments on ships are clearly heading to a more autonomous level, either remotely and/or with less crew, and most likely an increased use of IT devices to maintain and supervise machinery and/or cargo handling on board.

In order to understand how cyber threats can be managed, considering both the property and liability aspects, we will need to discuss this extensively. IUMI is at the heart transportation and marine activity, and professional associations or international public authorities are the bodies to question, discuss with and gather all available information. Professional public statements from shipping and/or transportation organisations will also provide a deeper understanding of the roots and consequences of the new threat to international trade and modern shipping.  

The Legal and Liability Committee will focus on this issue to understand the risks, sharing knowledge with all interested parties to help them determine if cyber risk remains a myth or has become a modern business disease.