Interview: Tore Morten Olsen, President Maritime, Marlink

October 18, 2019

“When the human element is considered, securing networks from cyber-attack is incredibly challenging. Reducing human interaction with on board networks and computers by deploying a more standardized IT environment can minimize risks.” -- Tore Morten Olsen, President Maritime, Marlink

Tore Morten Olsen, President Maritime, Marlink, discusses the pace and direction of high speed comms in maritime.

Using metrics of your choice, put in perspective where we are today in terms of getting shipowners to adopt high speed communication solutions.

The term broadband has been used in the maritime industry for at least a decade and if we are to follow the FCC’s definition which was upgraded to 25mbps from 4mbps (download) in 2015, then those high speed internet services are nothing of the sort.

However, everything is relative. Receiving a steady 2mbps in the middle of the Atlantic is certainly high-speed internet in the context of the technical challenges and cost per packet of data sent, so in the context of maritime satcom, the term is valid. Considering the performance vs cost equation, we see that 512kbps up to about 4Mbps as the current sweet spot where the business case makes sense on the majority of merchant vessels. Even at the lower end of the scales, crew will be able to access social media and managers can apply smart shipping processes to improve operational efficiency.

The situation is different in the cruise and energy markets, where the demand is for services that can outstrip what is available for everyday users on land in some cases. A Marlink cruise customer consumes significantly more per vessel vs a merchant vessel to ensure its guests can access the internet and upload videos and pictures to social media. Likewise, the seismic survey sector is very bandwidth hungry as the benefits of transmitting live survey data to shore start to become tangible as services costs come down.

We discuss ‘digitalization’ more and more, but how fast is it moving toward continuous monitoring of shipboard machinery and operations?
Crew welfare has always been an important driver, but digitalization and smart shipping are certainly catalyzing investment in satcom and have been since the financial troubles of 2008/09. More ship owners and managers are connecting assets onboard and embracing new tools taking advantage of the data that their ships produce in an intelligent and effective way. This improves decision making and thus operational efficiency and helps in improving operational insight and decision support from shore. While new data-exchange focused regulations like EU MRV or amendments to MARPOL Annex VI on Data Collection system for fuel oil consumption of ships are part of the change, the drive for digitalization will also come from the inside, as technical staff and executives are exposed to more tangible benefits from the innovations that help with improving ship and fleet efficiency.

New digital platforms and LEAN-IT environments are offering new ways of working. Diverse and integrated applications, with cloud-based access and storage, are consolidating vendors and interfaces and we are today at a stage where the available satellite capacity, speed and reliability of service can allow ship owners to make this move to online cloud-based operations safe in the knowledge that their applications and data will always be accessible. With the combination of a visible ROI, improved efficiency and keeping crew safe and satisfied, we expect to see the digitalization trend continue to grow.

How about cyber security concerns?

The risk is real and to be taken very seriously, especially when you consider the cost of a successful cyber-attack. We have all seen the headline figure of $330 million that the Not Petya attack cost Maersk. But there have been hundreds of other incidents on ships and most likely thousands of unreported successful cyber-attacks. The problem is growing with more generic attacks getting through and an increase in malware targeted towards maritime operators specifically. Ships are using so much data due to digitalization and crew welfare that you simply cannot rely on security by obscurity in this hyper-connected world. Shipping companies have to establish a strategy with the tools to implement and sustain it, both from a technical and educational standpoint, in order to stand the best chance of detecting and responding to cyber-attacks.
Unfortunately, not all ship owners are taking the threat as seriously as it should be taken.

Marlink conducted a survey of clients with over 200 responding with information about their level of IT and cyber security compliance. Unsurprisingly, the larger, better-funded companies are responding to the reality and have been investing in technical solutions as well as developing new processes and procedures internally to minimise the cyber risk that comes from the human element. But there are many ship owners and operators that have not even started to move towards the level of IT security and compliance they need as the threat continues to grow. It’s much harder to achieve without in-house IT resources that many of the larger companies enjoy, but with the stakes so high, security cannot be left to chance.

What is Marlink doing to address the concerns around cyber security?

When the human element is considered, securing networks from cyber-attack is incredibly challenging. That website may look safe, but is it really? The USB stick you bought from home with all  those downloaded movies, can you be certain it is malware free? What about the email from an unknown source, are you really inline to inherent millions of dollars from a long lost uncle? Unfortunately, crew are a major attack vector for cyber criminals, so training them to ensure that they are completely aware of the risks and consequences is crucial to any cyber security strategy.
Reducing human interaction with on board networks and computers by deploying a more standardized IT environment can minimize risks. For instance, our ITLink portfolio delivers high level monitoring and automation which delivers efficiency and lowers IT management costs through i.e., automatic updating of operating systems and anti-virus definitions. The knock-on effect is that crew access to terminals is reduced. Also, with the Marlink Cyber Guard portfolio we offer advice and consultancy services alongside the standard protection layers (firewall, anti-virus, content filters, separated lans etc).

What do you see coming in regulation in terms of maritime cyber security?

IT security and compliance should be integral in all ship owners strategies in the context of an increasing global IT security threat, and also to ensure that our customers are ready for new regulations that focus on data exchange. As well as the EU MRV and amendments to MARPOL Annex VI on Data Collection system for fuel oil consumption of ships, new cyber security guidelines in TMSA version 3 and IMO 2021 will demand more IT compliance at sea. New regulations will continue to be developed by national and international bodies, but we believe that the commodity owners will play a part too. This is reflected with the involvement of oil majors in requiring compliance to TMSA to get business, but with digitalisation happening throughout the maritime industry, other major stakeholders are likely to demand certain standards from the shipping companies they use. So, securing a platform for IT security and compliance right now, will ensure readiness for a very different regulatory landscape in the future.

broadbandconsultancy servicesenergy markets