With the rapid growth of IoT showing no signs of slowing down, and the sheer volume of devices and gadgets expanding to include things like Wi-Fi Brita Filters*, it feels like the right time to focus on the cyber security risks inherent in this relatively new and otherwise exciting area of digital transformation.
IoT
The ‘Internet of things’ is a term which refers to the system of interrelated digital, mechanical and computing devices. These devices have unique identifiers and can transfer data over a network without the need for any human interaction.
Sensors effectively communicate with the cloud via a connection, with data transmitted and then processed before an action is performed. This could be the sending of an alert or an automatic adjustment, without the user having to do anything.
Nowadays, the idea that your refrigerator can automatically adjust its temperature by scanning the items inside is one that we accept without a second thought. But what are the dangers of this type of technological advancement?
Cyber Security Risks
Everything that can connect to the internet can be hacked. In addition, inadequately secured information is often transmitted via IoT, which means that the risks involved are numerous.
In 2018, a DDoS attack was carried out against a range of different machines and devices. These included coffee percolators, webcams and routers. All were used to create a huge wave of internet traffic which then caused websites such as Twitter and The New York Times to crash.
How can you best prepare yourself against IoT-related risks?
- Act now by speaking to experts
- Ensure you have a robust Security Policy in place that includes BYOD
- Consider undergoing a cyber security assessment / evaluation (using a trusted source)
CRIBB Cyber Security, part of theICEway ecosystem
Our cyber security experts adopt a security by design approach. They have been helping clients in Healthcare, Maritime and Cruise for many years. Working within the Maritime industry has always proven to be a challenging yet rewarding experience for us. This is mainly because it has undergone a particularly huge digital transformation. After all, today’s vessels and ships are essentially floating cities that require incredibly robust connectivity solutions.
Automation and intelligent cargo tracking are also helping to change Maritime as we know it. These provide a wealth of solutions and also cut down on costs to boot. IoT connectivity generates a huge amount of data and insights, transforming daily operations at sea. It allows for issues to be clearly identified, processes to be radically overhauled and downtime to be reduced.
A good example of this is the Port of Rotterdam. Here, vast amounts of data are dealt with and operators now find themselves with more transparency than any of the world’s other shipping hubs.
Once again, however, we must recognise the downside of these developments. There are now more cyber security risks in Maritime than ever before. This demonstrates that whilst developing new tech does lead to an increase in efficiencies, it also leads to negative elements. These elements must then be tackled, and if possible, at the very outset.
How can CRIBB help the Maritime Industry?
With CRIBB Maritime Cyber Assurance (CMCA), an alternative to ISO27001 that is at once affordable yet robust enough to deliver the results you need.
Recognised by the IASME Consortium, CMCA was developed by CRIBB Cyber Security and theICEway to be the go-to security framework for maritime and cruise, guaranteeing full consultation throughout the project, a complete evaluation of your current levels of security and compliance, and assistance with Security Policies and procedures, HR, Management, Subject Access and much more.
Contact us today for more information on CMCA or to talk about cyber security and what it means to you; if you are concerned that you or your organisation might not be doing enough to stay protected, one of our experienced professionals will be glad to help.
Glossary
*Wi-Fi Brita Filter – Found in the Brita Infinity from Brita and Amazon Dash, this automatically orders a replacement filter once the existing one reaches a certain level
DDoS attack – A ‘denial-of-service’ attack is used to render a machine or network resource unavailable to the user, by disrupting the internet connection
BYOD – ‘Bring your own device’, this refers to employees using personal devices such as a smart phone to connect to a company network to access work-related systems and data
ISO27001 – An information security standard