CRIBB is part of theICEway ecosystem along with ICE and eTestware. Next year, ICE turns 15 and our friends there have been reflecting on how things were in the beginning – read more. Not to be outdone, it is now our turn as we will turn 5 in just over 2 weeks’ time! So then, today we are looking at cyber security in cruise & maritime to see how things were back in 2016 and how they are now. Look out for more anniversary-based content this month. Also, if you are new to CRIBB then don’t miss out on the opportunity to secure a free cyber-risk consultation (more below).
The Managing Director of CRIBB Cyber Security, Conor Byrne, is in good spirits when we sit with him. A veteran within IT and cyber security, Byrne is a huge advocate for security by design – as indeed are all on theICEway. Hardly a surprise when you consider that he, along with Ian Richardson, founded this ecosystem of companies that works hard to deliver digital transformation.
Security by design is an ethos based around implementing secure controls and frameworks from the off. It is about being proactive and assuming that you are a potential target for cyber-criminals, no matter the size of your organisation. Every technology project that ICE is involved with is infused with security by design.
Conor beams with pride when we mention that ICE’s 15th birthday is coming, taking place next year in May (more on that below). His beam breaks into a grin when we then point out another upcoming milestone in the shape of CRIBB’s 5th birthday. “5 years is a long time, especially in the digital world. New technologies come and go rapidly, so you’ve got to be agile and innovative in your approach. I’m tremendously proud to say that CRIBB has so far stood the test of that time.”
A lot of changes have happened in the world since 2016, a year which saw the launch of the Amazon Echo. One thing that hasn’t changed in 5 years, however, is the need for cyber awareness. If anything that need has grown and is at an all-time high, as Conor alludes to as we continue our conversation.
Cyber security is critical
“Cyber security is a critical element for any organisation nowadays. At the start for CRIBB, back in 2016, ransomware incidents had spiked by around 6,000% – it was truly incredible. There were over 600 million ransomware attacks that year but that number then decreased over the next few years. That was until last year, when the numbers started to grow again and there were just over 300 million attacks. The numbers are continuing to grow, so having a robust security framework in place is essential.”
Conor and his team of cyber security experts are proud to have worked with clients from a plethora of sectors, including Healthcare and travel. It is the cruise industry, however, where CRIBB delivers perhaps its most impressive results – even developing a security framework specifically for cruise.
Cyber Security in cruise & maritime – then and now
In March 2016, ICE published this blog piece on cyber security guidelines for cruise. Well worth a read, it pointed out 4 critical steps to take to combat cyber-crime:
- Add an agenda point to each Board / Senior Management team meeting to review and report on cyber security
- Do not assume that your current IT team are experts in security
- Implement any / all recommendations
- Remember that as long as you require internet-connected devices and systems, you will need up-to-date security
5 years on and these are still valid points, with the last one in particular standing out as being prescient. Nowadays, more than ever before, cruise ships require constant connectivity. The growth of IoT means that there are now many different devices on board at any one time, including those belonging to passengers. ‘Malicious actors’ seeking to take advantage of these devices and connections are also growing steadily. As we have already heard, ransomware too is on the up. The points above should now be second-nature to those in cruise and maritime. So what can they do now then to ensure they are cyber resilient?
- Implement regular training on security awareness, paying particular attention to phishing
- Deploy network segmentation on ships (separate out recreational & transactional networks from operational ones)
- Ensure that a robust framework is in place to identify gaps and allow for optimal risk management (i.e. NIST or CMCA)
- Keep your ‘detect and respond’ processes up-to-date to minimise the impact of cyber-incidents
CRIBB turns 5
As an official, UK government-backed certification body, CRIBB Cyber Security has provided end-to-end cyber resilience for clients since 2016. They have worked hard to raise cyber security awareness in general as cyber-attacks have grown during that time. Conor is very proud of the cyber security professionals who have represented CRIBB and who are part of the team today.
Their collective goal is to take away the pain and stress of IT Security from you. We’ll work with you to protect your systems and data. We’ll help to educate your staff and instil in them a simple mantra: Be careful, defensive, compliant and be secure.
To celebrate this momentous occasion, we are offering a free, 1-hour cyber-risk consultation for the month of November. Simply contact us and quote ‘CyberRisk5’ to receive an evaluation of your current IT security operations. We will provide you with a list of recommendations to bolster your cyber security and overall cyber awareness.
ICE turns 15
Back in 2007, Netflix had just introduced a streaming / VOD service. The Apple iPhone 3G and Google Android had been launched. Conor Byrne and Ian Richardson meanwhile were busy setting up ICE, an IT solutions specialist. In May 2022, ICE will turn 15 – quite the milestone. Keep an eye out for related content in the weeks and months ahead in their blog section.
As we near the start of our 6th year in cyber security in cruise & maritime, we are proud of the work we have done. We have also helped clients in insurance and travel and continue to build out our security solutions. Cyber security is a crucial element for any organisation and must be a focal point for everyone. Awareness of it must be raised at every level, from top to bottom, with a proactive stance adopted wherever possible.