On Wednesday, 23rd of November, a Maritime Cybersecurity Event took place at Eleon Loft for select members of the Greek Shipping IT community.
The event was organized by Oriani Hellas – a leading company in maritime digital technology transformation, and K2 Informatics.
The audience was a collection of experienced IT maritime professionals from the Greek Shipping industry. The event was created not only for attendees to hear the viewpoints of the excellent guest speakers, but to enable an open discussion about the latest cyber trends in the shipping industry and what the next steps should be to address them. In addition, there was the presentation of K2-Secure, a complete cybersecurity solution created through the collaboration of Oriani & K2 Informatics.
The guest speakers of this elegant evening provided a diverse range of opinions, covering the views from Class, Ship Owners, AMMITEC and Suppliers. They included:
Philip Nielsen, Co-Founder – Oriani Hellas
Michael Vrettos, Sr. Cyber Security Expert – RINA Hellas
Dr. Matthew Maheras, CIO – Metrostar Management Corp
George Gorgolis, CTO, Co-Founder – K2 Informatics
George Karistinos, Sales Development Director – Oriani Hellas
Alexandros Stathopoulos, IT Director – Hellas Confidence
First Mr. Nielsen, Co-Founder of Oriani Hellas, warmly welcomed everyone and set the scene; highlighting the growing number of incidents, the sophistication of these attacks and the general lack of awareness that is seen in shipping, a well-known ‘late adopter’ of technology. Included were some eye-catching statistics, such as the fact that in 2021 there was a 33% increase in cyber-attacks targeting ships or shipping companies, and in total that year there was an attack every 39 seconds. There was an appreciation of the experience of the audience, knowing that these statistics are already well understood and appreciated, so the aim of the evening was set – not to dwell on the current state but to delve deeper into how these threats can be best addressed.
Mr. Vrettos, Sr. Cyber Security Expert of RINA Hellas then presented the latest cybersecurity trends of the Maritime Industry. He started by highlighting the role of regulation in addressing vulnerabilities and the changing landscape from IMO, IACS and ISPS. It was clear to see the regulating bodies are shifting from requiring the basics of having a system and procedure in place, to now focusing on cyber resilience of those systems and the critical controls that have been established. He took the audience through how RINA is approaching these changes; namely by using digitalization to reduce complexity and assist, rather than complicate, companies with their internal procedures. RINA’s focus is to enable the seafarer by helping to translate cybersecurity requirements into meaningful procedures. Mr. Vrettos also highlighted the importance of Big Data in Shipping and the challenges it brings about, especially due to the volume of it, how it is constantly changing, the multiple sources and finally its level of trustworthiness. This adds another layer of difficulty when it comes to incident detection, but that could be addressed through Cyber Automation – a system that enables real-time monitoring, incident and asset management and remote support.
Mr. Maheras, CIO of Metrostar Management Corporation and vice-president of AMMITEC, took a more internal approach, looking at what companies themselves can do. He spoke about the most important cybersecurity questions that a company’s board-of-directors must start to consider. Firstly, a presentation of the current state was provided, with more of a focus on the human element – highlighting a lack of cyber professionals in the market, the impact of human error as the root cause of issues and an increase in ransomware. To tackle these human factors, Mr. Maheras explained the importance of changing the mindset from within the company, and as a first step to start with the Board of Directors. Through this approach you ensure that full adoption and understanding makes its way down to all employees, thereby relieving the pressure on the IT department. The board themselves must start looking at cyber security as a fundamental pillar of their business, reviewing their incident response plans, fully understanding the layers of protection in place and most importantly taking the company’s financial investment into cybersecurity as seriously as other security investments, such as guards on-board.
With the framework now set, following the valuable guidance from Class and AMMITEC, it was time to introduce the K2-Secure solution, an Oriani Hellas & K2 Informatics joint development, presented by Mr. Gorgolis – Co-Founder/CTO – K2 Informatics, and Mr. Karistinos – Sales Development Director, Oriani Hellas. The team started by highlighting how the joint development came about; through the understanding that K2 Informatics unique technical ability and experience within maritime technology, combined with Oriani’s established business network and detailed understanding of the customers’ needs would produce a unique holistic cybersecurity solution custom built for the Maritime Industry. Mr Gorgolis then went into detail around the functionality of the product including its coverage of firewall requirements (both visibility and protection, as well as networking and access), endpoint protection and remote monitoring and management. Oriani’s George Karistinos continued, to highlight how the tool ensures a proactive approach instead of a reactive response, thus allowing for the people to be the focus and not only the systems. Combining that strategy with 24/7 Greek support and RINA class approval ensures a maritime cyber-security tool that is fit for purpose and can really deliver value.
Last but not least, the IT Director of Hellas Confidence, Mr. Stathopoulos, introduced the success story of K2-Secure, providing the much-needed feedback of how the end customer can benefit from all the aforementioned advice and solutions being implemented. He compared the pre-existing condition of the company’s cybersecurity and internal procedures to how they were following the adoption of K2 Secure. Mr. Stathopoulos highlighted the previous level of manual work needed to ensure updates were in place on the anti-virus, manual management of program patches and OS updates. He described the experience that was found during the installation and adoption of K2 secure, and the resulting benefits, including better alerts, reporting, and monitoring. His honest and open view allowed the audience to see the reality of what can be achieved when making the step change to a more holistic solution that covers cybersecurity, remote asset management and adds 24/7 support.
After the last guest speaker, it was time for Q&A where the attendees asked questions via Slido – an interactive platform that allows everyone to add their questions, upvote most interesting questions, and vote in polls. The Q&A was followed by a delicious dinner – a fusion of Mediterranean & Middle Eastern cuisines combined with socializing and acoustic classical music.
The event received glowing praise from the attendees, with feedback including how the presentations we direct and to the point, with a real focus on the issues of today and realistic solutions that have been actually delivered. The warmth of the venue and friendliness of Oriani’s hosts merely added to the experience, ensuring that everyone went home with knowledge, awareness, and some newly established relationships.