David L. Hall
Publications

Navigating Cyber-risk

December 1, 2015 Published Work
Best's Insurance News and Analysis

Hackers interfere with a GPS signal, causing a vessel's onboard navigation systems to falsely interpret position and heading. Somali pirates employ hackers to infiltrate a shipping company's network to identify vessels in the Gulf of Aden carrying valuable cargo. Hackers cause a floating oil platform to list to one side.

These and other similar incidents have happened, as noted in a July 2014 International Maritime Organization proposal for the development of guidelines on maritime cybersecurity. They will surely happen again. All sectors of the economy have become aware of the potential costs of a cyberattack and the marine industry is no exception. Cyberrisk is therefore of particular concern to marine underwriters. But in a risk-based business like marine underwriting, that's not the end of the story. Other factors are at work, such as the likelihood of such intrusions, the frequency, and the resulting costs. The challenge for the marine insurance industry is how to evaluate these risks, and whether and how they may be insured.

Cyberrisk in Context

A significant factor in cyberrisk analysis is the increasing reliance placed by all businesses on big data. The very data sets that generate efficiency and commercial effectiveness also create new challenges: Data sets are so large and complex that traditional data management tools and data processing applications quickly become outdated and inadequate. Thus there is the need for powerful data management systems using supervisory control and data acquisition and industrial control systems software.

But just as this software increases productive efficiency in managing large data sets, so it increases destructive efficiency by hackers when they intrude in networks. All of this occurs in a world that is increasingly interconnected: The distribution of cyber-based infrastructure is global, particularly in the marine industry where everyday business requires electronic interaction among a multitude of integrated networks.

To read the full article, click the PDF link below.

Resources