Assessing cyber risk for cruise operators, ABS Consulting plays a key role for newbuilds, ships in operation and shoreside, helping cruise lines keep guests, crew and systems safe, said Michael DeVolld, director of maritime cybersecurity.

DeVolld said that the cruise industry was nothing short of complex, operating ships with thousands of guests and crew, sailing to ports globally, with no shortage in systems and software supporting it all.

“We think about the operation, and what is critical to keeping passengers safe and doing business,” said DeVolld.

Cyber Events.

“We ask, what are the things that if they are not available due to a cyber event would cause a ship not to operate,” DeVolld questioned.

That question can get answered by interviewing personnel, looking at network architecture and more, he continued. That includes doing penetration system and probing networks for vulnerabilities.

As ships have gotten more connected and thanks to Starlink, more vendors are able to access systems to look at data and suggest maintenance. On the flipside, these systems then need to be segregated from others.

“Having back ups are critical. If you have a system where you are not worried about data, say telemetry, if someone gets that, it’s not that valuable … you can wipe it and go to a back up.”

“Back ups and the ability to restore quickly are critical,” he continued. “As is having a contingency plan in place. Are you going to pay the (potential) ransom? What is your PR stance?”

Other vulnerabilities include feeding the wrong data to critical systems on a ship as cruise lines continue to worry about a forced environmental incident.

“It’s not always a bad actor. Cyber incidents can happen by accident. There could be malware on a usb stick. Bad things can happen inadvertently … There are 2,000 crew aboard some ships with access to all the systems. Most cruise lines have an insider threat program that has evolved, bridging over to cyber.”

Readiness

Operational Readiness means getting everyone involved in the mission objective, DeVolld said.

Cyber security drills are becoming more commonplace for ships, he said, similar to firefighting drills or practicing to respond to flooding or damage.

“We help understand the risk and bridge that gap,” he said, adding that operators should focus their energy where the highest risk is.

As bridges and engine control rooms have gotten more advanced, dials and buttons have disappeared in favor of screens.

“If you lose all visibility, what are you going to do? The ships are massive now, and we have done exercises going over that … without the ship having the visibility (of the screens) … the more reliant we are on technology, the more vulnerable we are to cyber incidents.”