Is cyber-security a value added service for maritime transport sector?

Abstract

The average total cost of each data breach worldwide in 2020 for transportation sector was $3.58million, which is slightly below the global average cost of data breach worldwide ($3.86 million) (Statista, 2021). That is nearly half of the cost related to sectors like healthcare and energy ($7.13 and $6.39 million respectively) (Statista, 2021). That cost of such data breaches in transportation sector is still low, as the level of technology implementation and digitalization is limited. Shipping, which composes a large part of the transportation sector, is a late adopter of technology, as it is not following the new trends and innovations (Papathanasiou et al, 2020). However as shipping is a key component of logistic systems (Song, 2015), therefore other parts of the logistics system as forcing shipping towards smart technologies application. The reason for that force is that logistics companies want to be transformed to Logistics 4.0 that will help them to reduce costs and improve supply chain visualization (Acciaro, 2020; Küpper, 2020). With the digitalization of ships and ports the concept of “Physical Internet” (PI) (global cargo handling system similar to the Internet) will be materialised (Montreuil, 2011). That will help to add value to services offered from maritime transport sector. To achieve that we need to securely implement technology to maritime transport sector. If that is not achieved, we will increase the level of risk, as the increase of technological solutions application into the maritime sector will “expose” the sector to cyber criminals who can operate on a global scale from remote locations. As the maritime sector risk management falls behind technological developments, that will generate the rise of an urgency to improve managerial visibility and cooperative cybersecurity research between maritime and Information Communication Technologies (ICT) professionals (Kalogeraki, 2018). With the aforementioned in mind, that cybersecurity is an emerging issue and the costs and inefficiencies that could be caused by a cyber-breach to maritime transport sector could spread to the overall logistics systems, the IMO requires immediate attention to the MSC-FAL.1/Circ.3 (IMO, 2017). According to the MSC-FAL.1/Circ.3 all ships are encouraged to have a process in place within their safety management systems for tackling cyber security risk issues, after their first annual verification of the company's Document of Compliance after 1 January 2021. As it is demonstrated cyber risk is recognized and shipping companies have to tackle it as it would cost them money and reputation. Therefore, cyber-security should be considered as a value added service, as according to the experts participated in the research demonstrated that it is very important in their daily operations. Finally, we could say that cyber-security could on the one hand secure maritime transport companies primary business while on the other hand is offering competitive advantage in a market that still lags cyber maturity; which could be considered to add value in the overall operations.