Only 1 in 6 shipowners fully understand what a cyber-secure vessel should look like upon delivery, highlighting a critical gap in the industry’s approach to maritime cybersecurity. The report, jointly published by Thetius, CyberOwl, a DNV company and HFW, explores key stakeholder challenges and approaches to managing cybersecurity and cyber threats across the lifecycle of a vessel.
The Lifecycle Dilemma: Navigating Cybersecurity Risks Across Designing, Constructing and Operating a Vessel delves into the shifting risks and disconnected approaches in cybersecurity across each stage from initial design through to its operation and maintenance. It outlines the roles, responsibilities, challenges and misconceptions of various stakeholders at each stage of the vessel lifecycle.
The report launches at a time of growing cyber threats for the shipping industry. Increasingly sophisticated cyber criminals and new system vulnerabilities are arising as a result of a more connected world. Designing a vessel with cybersecurity in mind is not just optional but a necessity.
The Lifecycle Dilemma emphasises the need to embed cybersecurity into every stage of a vessel’s lifecycle, starting with a secure-by-design approach.
This report consolidates the opinions of more than 150 stakeholders, including shipowners, charterers, OEMs, seafarers, insurers, shipyards, and other cybersecurity experts. It provides a detailed assessment of the current and anticipated cybersecurity challenges. It evaluates the industry’s responsiveness to evolving regulatory demands and technological progress, emphasising the critical need for integrated cybersecurity practices throughout the vessel lifecycle, from initial design to ongoing maintenance.
Key findings include:
– The proportion of shipping companies paying ransom has halved (7% within the last 12 months vs 14%).
– Large ransom demands are being rejected
– The average ransom paid was now US$100k (vs US$3.2m previously).
– 17% of shipyards feel they have adequate in-house cybersecurity expertise to design and construct a cyber-secure vessel.
– 10% of OEMs incorporate security-by-design in new systems. This leaves owners unaware and vulnerable to potential risks in critical systems.
– 32% of shipowners include cybersecurity in their newbuild teams. Many smaller companies assign cyber responsibilities to personnel that may lack cybersecurity knowledge.
In light of the growing cyber threats facing the maritime industry, The Lifecycle Dilemma is set to be an indispensable resource in navigating these challenges, driving critical discussions and actions needed to enhance cybersecurity protocols and protect global maritime operations.
Tom Walters, Partner, HFW, said, “With one in five shipping companies facing a cyber attack in the last 12 months, our landmark report could not be more relevant. The shipping industry is increasingly relying on technology for its operations, and with this comes greater exposure from external threat actors. It is vital that companies operating at every stage of the vessel lifecycle take action to protect themselves from the continuing threat. Our new report provides an insight into the current industry trends and aims to empower firms to act to mitigate these risks.”
Daniel Ng, CEO, CyberOwl, a DNV company, said, “It’s clear from the research we are entering an era of expertise. Point solutions and one-off initiatives for vessel cybersecurity will no longer cut it. Risks evolve across each stage of the vessel lifecycle. Regulation increasingly demands end-to-end thinking. Now, more than ever, shipowners need to make the right choices, supported by the right domain expertise. Decisions made at design have consequences in the total cost to operate. ”
Nick Chubb, Founder, Thetius, said, “Over the last three years, this research partnership has documented the enormous progress the industry has made on cyber risk management. But there is more to do. This report highlights the need for a more integrated, lifecycle-wide approach that embeds cybersecurity from design through to daily operations. By working together, shipowners, shipyards, and OEMs can strengthen resilience, reduce risks, and ensure safer, more secure vessel operations in an increasingly digital world.”
Click here for the full report