As the maritime industry turns to digitalisation to help improve operational efficiency, there is increasing awareness of the importance of protecting networks and vessels from cyber risks.
KVH Industries announced “6-Level Cybersecurity,” a cohesive group of initiatives designed to provide proactive cybersecurity protection for the KVH hardware and maritime VSAT satellite network used by its global maritime customers.
“KVH’s approach to the extremely important issue of cybersecurity is to address the complexity in numerous ways, from training seafarers with our KVH VideotelTM ‘Cybersecurity at Sea’ program—which we will begin making available at no cost to our VSAT customers this month—to the many network safeguards we have in place,” says Martin Kits van Heyningen, KVH’s chief executive officer.
A key level of KVH’s cybersecurity strategy addresses the important issue of seafarer training, as many incidents throughout the maritime industry can begin unknowingly with the crew.
Effective this month, all vessels subscribing to KVH’s mini-VSAT Broadbandsm connectivity service will be able to receive the KVH Videotel “Cybersecurity at Sea” training program at no cost. The program, created in conjunction with maritime experts and based on regulations from the International Maritime Organization and guidelines from the shipping trade group BIMCO, covers such topics as assessing and reducing the risks of a cyber incident and responding to a cyber incident.
Other levels of KVH’s cybersecurity strategy involve: satellite network security; terrestrial network security; hardware and network configuration; protected Internet egress; and response to threats and incidents.
For satellite network security, KVH implements numerous infrastructure safeguards and different types of authentication, encryption, or proprietary air interfaces. For the terrestrial network, KVH’s system is designed to provide traffic separation and to route global satellite traffic over private circuits to MegaPOPs, where Internet egress occurs.
“To enhance the security of transmissions between ship and shore, we’ve designed our system so that traffic does not touch the Internet before going through edge security devices at MegaPOPs,” notes Rick Driscoll, KVH’s vice president of satellite products & services.
KVH’s cyber strategy also targets the security of KVH hardware and network configuration. For example, onboard local area network (LAN) segmentation can be configured for operations, crew networks, and third-party charter networks via firewall. In addition, the myKVHTM portal is designed to provide the ability to enforce a crew login requirement on the vessel prior to accessing networked vessel systems or the Internet.
KVH’s cybersecurity strategy also focuses on protected Internet egress, including: application-level Universal Threat Management (UTM) firewalls in each KVH MegaPOP; application-level traffic shapers; multiple forms of threat blocking; and optional global static IP addresses.
Assisting a vessel or fleet in response to a cybersecurity incident is also part of KVH’s cyber strategy. KVH provides a cybersecurity incident response team if a fleet suspects a cybersecurity attack, with the goal to manage and minimize the risk as quickly as possible.
“We are working to continually upgrade our network security and our processes to reduce cyber risks for the vessels and fleets that rely on KVH’s mini-VSAT Broadband connectivity,” says Mr. Kits van Heyningen. “As the maritime industry continues to embrace digitalization, we are committed to continuing to be proactive about cybersecurity.”