As discussed in part 1 and part 2 of this article, data confidentiality and data integrity – the first two governing principles of the CIA triad security model – are essential to keeping business-critical data protected and trustworthy.
Today we bring it all to a conclusion by looking at the last pillar of the CIA model: Availability.
The access paradox
Systems, applications, and data bring value to your organisation and your customers, but only when they are available, i.e. when authorised users have timely and uninterrupted access to them whenever they need them.
And paradoxically, ensuring access is in many cases the opposite of what cybersecurity must accomplish: preventing access. So, the first dilemma is to address ‘access to the right users and applications and no one else’.
So, what are the recommended measures to help ensure the availability of the data generated and used onboard your vessels?
Let’s have a look at the most important ones.
Best practices for securing vessel data availability
Many factors can jeopardise availability, including hardware or software failure. If this happens, getting your IT infrastructure up and running again, as quickly and safely as possible, is the number one priority.
Data availability relies on two main aspects:
- Hardware and software platforms storing it
- Access rights given to the correct users and applications
Regarding hardware and software platforms, it’s important to have:
The best hardware is less likely to fail, so investing in top quality pays off in better availability – and thus in reduced risk of degraded ship operations and costly network, system and application downtime.
Beware the harsh onboard environment. Vibration, heat and humidity can damage hardware, so consider carefully where to install it.
All hardware eventually malfunctions, so in order to ensure zero inaccessibility or downtime for the most critical data and applications, it’s important to have redundancy. Hardware redundancy simply means adding a duplicate device or component within the system that steps in when a primary device or component fails.
On a regular basis, make sure to copy a primary hard drive to a backup drive. If the primary drive fails, the secondary drive can be slotted in. The only vessel data lost will be anything produced since the last time the files were copied.
Lifecycle management – also for data
Because all hardware will eventually fail, planned replacement of older hardware (and software, for that matter) will make your overall infrastructure more reliable and provide improved availability.
As reliable storage has a cost that is somewhat proportional to the amount of data that is kept, it’s also important to clean up old and no longer relevant data, so your storage needs are kept under control.
Upgrades and software maintenance
Relevant hardware and software installations on board should be updated to help maintain a sufficient level of data and system availability. Put in place procedures for timely software patching and updates (take into account the ship type, speed of internet connectivity, sea time, etc.).
Software includes computer operating systems, which should also be kept up to date.
Additionally, a number of routers, switches and firewalls and various OT devices will be running their own firmware, which may require regular updates.
Backup / data recovery capability
Data recovery capability is the ability to restore a system and/or data from a secure copy or image, thus allowing a clean system to be restored. For essential information and software, adequate backup facilities should be available to help ensure recovery following a breach or other cyber incident, a hardware or software failure – or even a user mistake.
- Establish retention periods and restore scenarios to prioritise which critical systems need quick restore capabilities, to reduce the impact.
- Make systems that have high data availability requirements resilient.
- Implement backup of OT systems, which are vital to the safe navigation and operation of the ship. This enables the ship to quickly and safely regain navigational and operational capabilities after a cyber incident.
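The backup advice above (copy the primary drive regularly, restore from a secure copy) only holds if the copy is current and intact. As an added example, not part of the original article, this Python script compares a primary directory with its backup by SHA-256 and flags a copy older than an assumed 24-hour interval; the file names, timestamps and interval are constructed for illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

def manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def check_backup(primary: Path, backup: Path, backup_time: float,
                 max_age_s: float, now: float) -> dict:
    """Report what a restore from `backup` would lose or get wrong."""
    src, dst = manifest(primary), manifest(backup)
    return {
        # Files produced since the last copy: lost on restore.
        "missing": sorted(set(src) - set(dst)),
        # Same path, different content: edited since the copy, or the
        # copy is corrupted. Either way the backup needs attention.
        "differs": sorted(f for f in src.keys() & dst.keys() if src[f] != dst[f]),
        # The agreed copy interval has been exceeded.
        "stale": (now - backup_time) > max_age_s,
    }

def demo() -> dict:
    """Run the check on constructed sample data in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        primary, backup = Path(tmp, "primary"), Path(tmp, "backup")
        primary.mkdir()
        (primary / "noon_report.csv").write_text("2024-01-01,12.5kn\n")
        (primary / "pms.db").write_text("maintenance v1\n")
        shutil.copytree(primary, backup)      # the regular copy
        backup_time = 1_000_000.0             # constructed timestamp
        # Work continues on the primary after the copy was taken.
        (primary / "pms.db").write_text("maintenance v2\n")
        (primary / "sensor_log.txt").write_text("rpm=92\n")
        return check_backup(primary, backup, backup_time,
                            max_age_s=24 * 3600,           # assumed interval
                            now=backup_time + 30 * 3600)   # 30 h later

if __name__ == "__main__":
    print(demo())
```

Run on a schedule, the `missing` and `differs` lists show the size of the data-loss window described above before a failure forces a restore.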
CIA summed up
The confidentiality, integrity and availability (CIA) model provides a framework for assessing the impact of:
- loss of confidentiality through unauthorised access to and disclosure of information or data about the ship, crew and cargo
- loss of integrity, which would modify or destroy information and data relating to the safe and efficient operation and administration of the ship
- loss of availability due to the destruction of the information and data and/or the disruption to services/operation of ship systems.
The importance of confidentiality, integrity and availability depends on how the information or data is being used. For example, assessing the vulnerability of IT systems related to commercial operations may focus on confidentiality and integrity rather than availability.
Conversely, assessing the vulnerability of OT systems onboard your ships, particularly safety-critical systems, may focus on availability and/or integrity instead of confidentiality.
Besides the now traditional applications like planned maintenance systems and emails containing sensitive operational data, more and more business documents like packing lists, bills of lading, certificates or customs clearance documents are being provided in digital form. Moreover, a modern ship may contain thousands of sensors, generating ever-growing pools of data. This data needs to be turned into trusted information as the basis for true insights and value creation.
Data quality is essential when it comes to creating value from data. To harness the full potential of data for more effective operations and decision-making, you need to be able to trust it. This means you need to be able to trust the generation of the data (through sensors or manual collection), the equipment that stores, processes and cleans the data, and the algorithms that make sense of the data.
Poor-quality or compromised data is of little or no value to your company, as it cannot be relied on. Moreover, faulty onboard data or systems may be counterproductive, adding waste and costs, and potentially endangering safety, operations, environment, profitability, reputation and compliance.
For this reason, it is vital that you implement a robust, multi-layered IT security strategy to safeguard your onboard applications, networks and systems and ensure data confidentiality, integrity and availability, from ship to shore.
By Walter Hannemann, Product Manager, Dualog