Could cyber regulations add another consultancy burden

Malcolm Latarche
Malcolm Latarche

26 July 2017


###At a recent American Association of Port Authorities Port Security Seminar and Expo in Chicago, USCG Rear Admiral Paul Thomas expressed the view that at a time when all the security attention is being focussed on cyber matters, physical security of ports and vessels may be being overlooked. In his speech, it was also suggested that there may be a need for new regulation to address cyber security issues. In saying that he also stressed the point that regulations cannot address the commercial side of operations and the disruption of business activities caused by criminal cyber activity. Despite the problems experienced by Maersk Line and many other logistics related businesses in the most recent and highly publicised attack, there was no apparent threat to the safety of vessels or ports so no obvious reason for it to be used for new regulation to be determined. Admiral Thomas did not suggest that any new regulation was imminent but even the prospect must be worrying to ship operators who with the ISM and ISPS codes have already seen on two occasions a surge of consultants jumping on a band wagon intent on relieving them of large sums to ensure compliance with new rules. In addition to the cost of consultants, security concerns have also been responsible for capital outlays on SSAS and an intrusion into commercial confidentiality with AIS data being monitored and sold for purposes for which the concept was never initially intended. In some instances, with ISPS some companies had already considered the concerns in their ISM systems but were still obliged to pay again to certify that the ISPS requirements were covered. Some shipping companies are already working on the issue of cyber security and no doubt will be developing methods to protect their commercial interests, the thought of having to perhaps change their systems to meet future regulation must be troubling.