Netweek (Aug 2021) - Vessel Zero Trust Detection and Response using AI
Throughout its activity scope, the global shipping industry is increasingly connected to and dependent on cyber systems. The inability to prepare, plan and deal with malicious cyber-attacks (targeting either ships or offices) can have very unpleasant consequences for shipping companies that will be subject to such attacks.
The operations of the shipping industry are based on cyber systems such as positioning systems (GPS), electronic certificates, cargo tracking, electronic navigation (ECDIS), automatic identification systems (AIS), etc.
Vessel Zero Trust Detection and Response using Artificial Intelligence
by Nikitas Kladakis - Netbull CEO
This dependence on computers and computer networks, especially those connected to the Internet, creates opportunities for cyber-attacks as a result of poor security practices. The consequences of these attacks, in modern times, can be incalculable. For example, collision or grounding of a vessel may result from interference with means of navigation and / or other systems, which could lead to:
- Loss or dangerous situations for vessels
- Crew injury (in case of piracy)
- Load loss
- Loss of vessel operations (eg loss of communication with office and/or charterers), and
- Loss of third-party activities (eg port or crossing channel activities)
Therefore, the threats due to the exposure of vessels on the Internet cannot be handled by traditional security mechanisms (Firewall, Antivirus, etc.) but by designing and implementing the appropriate security architecture.
Netbull, a pioneer in the field of information systems security, taking into account the shipping industry requirements in relation to cybersecurity, has developed the eASIS Threat Management Platform (based on the IBM QRadar SIEM solution). The eASIS platform is a complete threat protection and detection solution using IBM QRadar Advisor with Watson artificial intelligence technology and implementing zero-trust architecture, capable of detecting cyberattacks event in an Operation Technology (OT) environment of a vessel.
The platform is not based on a single machine learning system that eliminates any kind of cyber-attack but on a combination of algorithms that enrich their knowledge of user behavior (User Behavior Analysis), devices behavior (Endpoint Detection and Response), cloud services, as well as the IT and OT environments (Network Detection and Response). These mechanisms work in unison and use both static and dynamic analysis techniques, in order to detect security incidents, immediately and effectively, before they escalate.
Detecting security incidents before they escalate was one of the key motivations for integration of our platform with IBM QRadar Advisor with Watson artificial intelligence services.
With artificial intelligence, Netbull analysts in addition to simply monitoring system logs, can use all the information available in cloud security services to detect threats and respond to emergencies.