The US maritime industry is being targeted by cyber-criminals, but it’s not prepared for future cyberattacks, according to a new study by law firm Jones Walker.
The law firm surveyed 126 senior executives, chief information and technology officers, non-executive security and compliance leaders, and key managers from US maritime companies. Among the survey’s key findings:
The maritime industry is being targeted: Nearly 80% of large US maritime companies and 38% of survey respondents reported that they’d been the target of cyberattacks within the past year. Ten per cent (10%) of respondents reported that the attack was successful.
There is a false sense of security in the industry: 69% of respondents said they were confident in the industry’s overall cybersecurity preparedness – but 64% said that their own companies were not prepared to handle the consequences of a data breach.
Small and mid-sized companies were far less prepared to deal with a cyberattack than large companies. While 100% of large companies said they were prepared to prevent a data breach, only 6% of small company respondents and 19% of mid-sized company respondents said they were prepared.
Small and mid-sized companies lack even the most fundamental cyber protections: 92% of small company respondents and 69% of mid-sized company respondents said they had no cyber insurance, while 97% of large company respondents had coverage.
“The US maritime industry is sailing too close to the wind when it comes to cybersecurity,” said Andrew Lee, Jones Walker partner and co-chair of the Data Privacy Group and co-author of the study. “While industry stakeholders are educated and aware of the severe implications of a cyberattack, in many respects they are unprepared for the severe fallout from a major cyberattack. Hackers are modern-day pirates who have the ability to sink maritime industry sectors that are unprepared for what’s coming at them.”