On 14 June, the second North Atlantic Treaty Organization’s (NATO) Allied Maritime Command (MARCOM) Maritime Security Symposium (MMSS) took place at the NATO Headquarters in Northwood, United Kingdom. The event was attended by 45 participants from NATO/MARCOM and EUNAVFOR commands, as well as a broad number of maritime industry stakeholders, including ship owners, P&I, IMO, and IUMI.
For this meeting the number of topics was reduced to two issues only (as opposed to four last year) to allow more time for discussion in small groups. The first topic was cyber security, the second was maritime security with a specific focus on Operation Sea Guardian. The overall objective of the MMSS is to support cooperation and dialogue between military and civilian organisations with the overall aim of improving maritime security.
During the opening presentation, John Murray from the International Chamber of Shipping (ICS) noted three major challenges from the shipowners’ perspective: onerous regulations, corruption, and security concerns (including piracy and illegal migration). He emphasised that an industry-developed website on security issues could be a helpful tool to share information and make knowledge more readily available.
Jim Bergeron, MARCOM Political Advisors talked about how NATO is facing the future. They have identified four key issues (“four Rs”): Russia, Radicals, Refugees, and Relevance. He further explained that the NATO command structure is going to be adapted to reflect the security changes and revised threats in the maritime domain. MARCOM staff will increase from 300 to 500 and aims to take a wider “360°” focus.
Cyber risks
In the first presentation Sergio Lomban, from European Cyber Security Organisation (ECSO – SGS is his day job), discussed cyber threats and defences. ECSO conducted various tests and found that Electronic Chart Display and Information System (ECDIS), Automatic Identification System (AIS), and Automatic Radar Plotting Aid (ARPA) are all fairly easy to hack.
Christophe Eugene from MARCOM then explained that NATO navies conduct a mapping of cyber incidents (primarily Global Positioning System (GPS) jamming/spoofing) within the NATO Area of Responsibility (AoR). This is a long process and it needs to be agreed to which level of detail the mapping should be conducted. In this context a concern raised was a cyber-attack on a vessel in the vicinity of a port, in straits (e.g. Malaccas) or in canals (e.g. Suez), where the commercial impact could be significant.
Mark Sutcliffe from the Company Security Officers (CSO) Alliance briefed the participants about the Airbus built reporting website on which maritime cyber incidents can be reported anonymously. They have already gathered several reports and promote the platform so that it will be used more broadly.
During the discussion several suggestions/key points were made:
- Develop a more detailed document/manual on cyber security (similar to Best Management Practices (BMP) 4).
- Looking at other industries, such as aviation and the car industry, which could provide helpful insights.
- Establish a reporting mechanism to ensure information about cyber incidents is gathered.
- Training of seafarers is crucial.
- Don’t oversell the threat.
Maritime security operations
The initial presentation looked at major threats which included non-kinetic threats (such as jamming, spoofing or cyber-attacks, e.g. on infrastructure), terrorism, migration, and certain regional powers. This was followed by a specific presentation about Operation Sea Guardian (OSG) in the Mediterranean. OSG is NATO’s response to ensuring maritime security in the Mediterranean, including defence and law enforcement measures such as protection of critical infrastructure, anti-terrorism, capacity building, and maritime situational awareness.
MARCOM Roadmap
Ben Lofstad from the NATO Shipping Centre (NSC) shared the MARCOM Maritime Security Symposium’s roadmap which aims to advance exchanges between the military and merchant shipping. It doesn’t currently include any deadlines or “owners” of key action items. The participants will receive the updated roadmap once NCS has implemented new items following the 2018 symposium.
The next MARCOM Maritime Security Symposium is planned for 13 June 2019.