MARITIME CYBER RISK A REAL AND PRESENT DANGER

MARITIME CYBER RISKA REAL AND PRESENT

DANGER

FOR THE MARITIME TRANSPORT INDUSTRY

PRESENTERS

Captain Thomas BrownCEO - Shoreline Ltd

Nicholas TaylorConsultant - Shoreline Ltd

Maritime cyber risk and our insurance solution

1. The maritime cyber attack landscape in numbers

2. What’s at risk for our shipowner clients

3. The real cost of maritime cyber incidents

4. An overview of maritime cyber risk both at sea and ashore

5. Compliance both regulatory and commercial

6. Shoreline’s insurance solution (MCI)

7. The pricing, scope and delivery of cover

8. Why choose MCI as your cyber risk transfer solution?

9. Questions

Shoreline MCI Webinar June 2020

POLL


Findings of the 5th Annual BIMCO cyber security survey

• Nearly one-third of respondents (31%) said their organisation had experienced a cyber incident in the last 12 months

• The most common attacks cited in order of highest frequency were;

• phishing

• spear phishing

• malware

• The top three cyber attack outcomes in order were said to be;

• loss of money

• systems outage onshore (BI) and;

• reputational damage


What’s at risk?

Dollars – business interruption and theft of financial assets

Reputation – denial of service/failure to meet contractual commitments

Data – personal and commercial

3rd Party Liability – passing on the problem to your commercial counterparties

Survival – bankruptcy


High profile attacks

Maersk

June 2017 NotPetya malware Ukraine

COSCO

July 2018 Disruption of internet EC USA Terminals

MSC

Spring 2020 Malware in data centre / customer interface Geneva/Global

Stena

Sept 2018 Hackers access employee data Scotland

Austal

October 2018 Breach of data management system AustraliaData offered for sale / extortion attempt


Example SME cyber incident loss cost

DATA BREACH

• Breach Management – data protection issues

• Legal Expenses

• Costs of Forensics

• Notification and Call Centre service

• Providing credit monitoring to victims

US$ 783,596

Source Acrisure Claims Files

Shoreline MCI Webinar June 2020 2020


RANSOMWARE

• Legal Expenses


• Ransom payment

• Data Restoration

• Business Interruption / Additional Operating Costs

US$ 409,822




BUSINESS EMAIL COMPROMISE

• Legal Expenses


• Theft of Funds

US$ 332,335



Questions to ask of owners?


The Solution


Cyber security + Cyber Insurance

= Cyber Resilience

What’s the enterprise risk of ship to shore interconnectivity?


Information Technology (IT)

• IT networks

• E-Mail

• Admin / Accounts / Crewing

• Planned maintenance / spares management and sourcing

• Charter Parties / bills of lading / notices of readiness

• Cargo booking systems and stowage plans

Operational Technology (OT)

• GPS

• AIS

• ECDIS

• SCADA &/or remote support for machinery

• Cargo Control

Impact Ability to performFinancialsReputation

Impact LifePropertyEnvironment

Acknowledgement: DNV GL

The threat landscape


• Ever greater integration shore to ship / operational and information technologies converging

• Benefits of improved inter-connectivity balanced by viruses being transmitted faster / further

• Malware so much more easily programmed

• Speed of change of technology: change is fast and disruptive

Who is behind a cyber-attack?

Various guises / motivations: threats both external and internalActions are manifested in different ways

• Activists – political or ideological

• Nation states imposing disruption

• Cyber terrorists & criminals

• Disgruntled & maliciously-minded employees

• Organised crime seeking to acquire & exploit stolen data

Overriding motivation is $$$


2020 Emerging threat:Cyber-enabled fraud


• The fall-out from Covid-19: added vulnerability of employees working from home has meant

o Inadequate preparation re cyber security

o Reduced “cyber hygiene”

o Communication and accountability stretched – awareness diminished

• Mimecast detections thru 1st quarter 2020:

o Spam/opportunistic attacks increased 26%

o Impersonation increased 30%

o Malware increased 35%

Regulatory compliance

• General Data Protection Regulation (GDPR)

applicable in EU from 25th May 2018

• IMO Resolution MSC.428(98) encourages IMO member states to ensure cyber risks are addressed in Safety Management Systems no

later than the first annual verification of a company’s Document of Compliance after 1st January 2021


Commercial expediency

Tanker Management and Self Assessment No.3 (TMSA3)

Effective: 1st January 2018

New: Element 13 - Marine Security - includes “cyber security”

Comment:

• Self assessment but auditable

• Not just vessel focussed: attention to operational management

• Will Dry Bulk vessels follow the same path


POLL


MCI Objectives


To cater for:

• SME ship owners and operators

• The entirety of their business – on land and at sea

• The financial losses suffered following a cyber or cybercrime attack

• The necessary stretch from standard cyber cover to accommodate “cyber-enabled fraud”

• Access to responsive service in event of the discovery of an attack

In a bespoke marine wording

In modular format

Key Loss Triggers in the MCI Response


Network Compromise unauthorised access to or misuse of an insured’s

computer or communication system

System Failure unintentional or unplanned outage of an insured’s

computer or communication system

Data Breach unauthorised acquisition of data by a third party,including by an employee, that compromises confidentiality

or integrity of personal data or business information

Extortion Demand threat to corrupt an insured’s computer, etc, to introduce malware, or execute a denial of service attack

Material Degradation complete or partial interruption or degradation in service

or failure of a computer or communication system

Headline Coverage - Cybercrime


Cyber Theft transfer, corruption or loss of money or financial assets arising from a network compromise

Social Engineering plausible instruction to deliver funds purporting to come from

a legitimate source

Headline Coverage - Cyber


Digital Assets Indemnification of costs associated with replacing or restoring

digital assets to the state they were in prior to a network compromise or other trigger

Breach Response Costs legal fees and costs associated with compliance with

legislation, notification of effected individuals + P R expenses

IT Security & Forensics costs incurred in investigating the source, scope and impact of

an insured peril: including tackling malware, restoration of

data, impact of social engineering, remediation of a failure of computer security

Key: urgency in the delivery of external expertise and service,

integrated with insured’s own crisis management resource

Headline Coverage - Cyber contd.


Extortion Demands reimbursement, where permitted, of extortion payments

Business Interruption reimbursement of enterprise-wide loss of profit and

additional operational expenses suffered during the period

of restoration following the operation of a material

degradation or one of the key triggers

Cover provided without the need for PD to be demonstrated

Not Cyber Loss of Hire

“Regulatory” reimbursement of defence costs and, where permitted,

fines

Headline Coverage – Cyber contd.


Third Party Liability payment on behalf of the insured damages and defence

costs for which the insured becomes legally liable to third

parties

typically for failure to protect information or to have

negligently permitted the transmission of a virus to a

third party

excluding liabilities normally recoverable from a P & I

Club

POLL


Our part of the solution - MCI key features

• Insured(s) – SME Shipowners or Operators

• Coverage granted for owned or chartered fleets, including in-house ship management companies

• Maximum Policy Limit(s) for any one event and in the annual aggregate:

Cyber USD 20M “Cyber Crime” sub-limit USD 500K

• Policy Deductibles starting from USD2,500 for the smallest of insureds

• Business Interruption Time Retention - minimum 8 hours

• Subject to the satisfactory completion of a short proposal form

• The Insurer – Maritime Insurance Solutions Ltd – Bermuda, 100% reinsured at Lloyd’s

• Cyber Response Consultants – Charles Taylor and Associates

• Excluding claims categorized as property damage or death or bodily injury


Pricing

To provide a very rough non-binding pricing indication in order to generate client interest all we need to know is the following:

a) The client’s fleet list to establish vessel particulars

b) The company’s annual turnover

With this information to hand we can generate a non-binding pricing indication in the following format.

Shoreline MCI Webinar May 2020

4 x Non-Binding Pricing indications


Underwriting Information


• Vessel type(s)

• Number of vessels in the fleet

• Percentage owned v operated fleet

• Information submitted regarding the owner's self assessment of their degree of readiness with regard to cyber-security. Including commentary regarding compliance with MSC.428(98) &/or TMSA3 if applicable.

Quoting considerations


• Premium variance subject to company information provided and meeting minimum underwriting standards

• Base Premium is substantially determined by revenue and limit required

• Discounts are available to delete sections from policy

• Increased limits are available on request

• Subject always to mutually agreed terms and full policy conditions

Why MCI? Answer: Pricing and Service


1) Shoreline has control over pricing and service for its SME shipowner clients, thereby guaranteeing a prompt and efficient client service

2) By targeting SME business Shoreline has reduced and simplified the application process thereby replicating the buying process to which our clients are accustomed

3) The modular nature of the cover ensues the client receives the right cover for their needs within their budgetary requirements

4) Shoreline has integrity, experience and a track record as an independent provider of specialist marine products to an established client base

QUESTIONS


FIND FURTHERINFORMATION AT:WWW.SHORELINE.BM

Capt Thomas [email protected]+1 (441) 505-1002


Nick [email protected]+ 44 7770 866 530

Documents

MARITIME CYBER RISK A REAL AND PRESENT DANGER