Op-Ed: Maritime insurance adapts to rising cyber threats
Written by Heather ErvinBy Ed McNamara, CEO at Armada Risk Partners
Increasingly complex and sophisticated cyberattacks on the maritime industry are soaring at unprecedented levels.
There have been numerous successful cyberattacks and ransomware incidents targeting ports, airports and shipping.
The cyber threat landscape is increasingly dangerous as ports have become critical digital and physical hubs for global commerce. With this rise in sophisticated cyberattacks, vulnerabilities within port infrastructure, logistics software, and operational technology (OT) present significant security challenges.
Outside of ransomware, it is important to look into other key vulnerabilities and threat risks within ports:
Operational Technology (OT) – Ports rely heavily on OT systems like cranes, conveyor belts, and container management systems. Many of these systems weren’t originally designed with cyber security in mind, leaving them exposed to attacks. A breach in OT can halt operations, damage equipment, and cause significant economic loss. As the communication links between IT systems are only as strong as the weakest link, you should ensure that all systems have cyber defenses that are consistent across all technologies.
Supply Chain Attacks – Ports are part of complex supply chains, relying heavily on third-party vendors. If a vendor’s systems are compromised, attackers can gain indirect access to port infrastructure, affecting operations and data integrity.
Internet of Things (IOT) – Ports use numerous IOT devices for tracking cargo, managing logistics, and monitoring equipment. These devices often lack adequate security controls, and a single compromised IOT device can act as a gateway for cyber criminals to access the broader network.
Insider Threats – Insider threats pose a significant risk where vast networks of employees, contractors, and third-party vendors interact with critical systems daily. Unintentional or malicious intent can expose sensitive information or introduce malware into operational systems. Given the high level of automation and digital infrastructure in modern ports, even a minor security breach can lead to operational disruption, financial loss, or compromised data.
Ports around the world from Australia, Japan and Canada to Germany, Portugal, the Netherlands, and U.S. cities like Los Angeles have all come under attack.
In response to Department of Homeland Security warnings that cyberattacks were one of the most urgent threats facing American ports, President Joe Biden issued an executive order in February to give the U.S. Coast Guard more authority to deal with cyber incidents.
Regulations specifically focused on establishing minimum cybersecurity requirements for the maritime industry to address current and emerging threats are expected to come into force by 2026 and are designed to help detect, respond to, and recover from cybersecurity risks that may cause security incidents.
It is, therefore, abundantly clear that safeguarding operations and protecting the bottom line across the marine industry from ports and shipping to maritime logistics and technology service providers is not just necessary, it is a strategic imperative.
As a first step in protecting business, it is important to evaluate your current cybersecurity capabilities and your level of exposure to risk.
Cyber insurers expect ports, shipping companies and others in the maritime industry to have taken determined action to make systems and processes as secure and up to date as possible. Such actions are necessary to ensure you can secure the best insurance coverage and lower premiums.
We recommend that the latest cybersecurity technology is embedded in robust risk management procedures and policies together with continuous employee training and regular systems testing so that the latest threats can be identified and the level of security measures evaluated.
As companies and organizations develop their cyber risk mitigation strategy, cyber insurance plays a vital role in helping pay for recovery costs and can cover third-party liabilities as well as incident response support with access to specialist teams.
However, it is important to stress that cyber insurance coverage does not remove the need to manage risks with a cybersecurity program based on continuous improvement.
Those who successfully execute cyberattacks are for the most part highly sophisticated organizations and adversary nation-states with specific motivations. As the maritime industry has responsibility for the majority of global trade, it is a clear target because of the level of disruption a successful attack could achieve around the world.
Faced with the huge growth and ever-changing nature of cyberattacks on the maritime industry, the insurance marketplace is similarly changing in its response with increased premiums and reduced coverage.
In such an environment, we recommend seeking out policies that cover a wide range of cyber risks. You should select policy limits that best suit your risk profile and provide adequate cover for potential losses, including costs associated with breach response, recovery, and legal expenses.
Until the new cybersecurity regulations from the U.S. Coastguard are introduced, insurers will continue to look more favorably at ports and shipowners that follow voluntary guidelines such as those from the International Maritime Organization.
We cannot overstate the importance of staying alert to the rapidly evolving nature of cyber threats not just to your organization but also senior employees who may become targets because of their public profile and become victims of malicious email links and even ransomware attacks. Consequently, even with insurance in place, you should review coverage on a regular basis.
Working with a broker, who specializes in maritime insurance, understands your business and has a deep understanding of the nuances of cybersecurity, is important in ensuring you secure the most suitable coverage at a fair premium. When insurance expires, it is advisable – rather than automatically renewing – to check the details of the insurance which could have fundamentally changed.
In the unfortunate event of a successful cyberattack, a port specialist can help ensure there is a plan in place with an immediate response to any query.
Ultimately, the maritime industry will benefit from working with a skilled broker to help find insurance cover that caters for all eventualities in the ever-changing and increasingly complex cyber-attack environment.