Collective Efforts to Strengthen Maritime Cybersecurity
During Singapore Maritime Week 2024, the Maritime and Port Authority of Singapore (MPA) inked two memorandums of understanding (MoUs) during the Accelerating Decarbonization and Digitalization Conference. Enhancing cybersecurity in the maritime industry is the goal of the first Memorandum of Understanding (MoU) signed by MPA, Tallinn University of Technology (TalTech), Foundation CR14, Singapore Maritime Institute (SMI), and Singapore University of Technology and Design (SUTD). Specifically, the MoU aims to establish collaborative cybersecurity research and development, test bedding, and skills training projects. Improved cybersecurity collaboration and information sharing among maritime companies, the development of maritime cybersecurity capabilities, and the strengthening of the cybersecurity talent pipeline are the objectives of the second Memorandum of Understanding (MOU) between MPA, Singapore Shipping Association (SSA), Singapore Institute of Technology (SIT), and SUTD.
MoU between MPA, TalTech, Foundation CR14, SMI and SUTD
The joint cyber training exercises with Foundation CR14 utilizing the SUTD-based Maritime Testbed of Shipboard Operational Technology (MariOT) system, which is expected to be delivered by March 2025, is a major area of partnership. An industrial-grade cyber-physical model of the key operational technology systems on board a ship will be the MariOT system. When it is operational, it will assist in the testing of various cyber vulnerabilities and solutions by industry partners through simulation drills and exercises. The areas of competence for Foundation CR14 are cybersecurity ranges and cyber range solutions, which include testing, validation, experimentation, training, and exercises related to cyber ranges.
Research on the function of human aspects in maritime cybersecurity, associated hazards, and mitigating techniques will be conducted in partnership between TalTech and SUTD. They will also research the risks that irresponsible use of artificial intelligence (AI) poses to ports and ships’ digital systems, as well as the significant opportunity that using AI-enabled technical solutions presents for cyber defenders.
The development of academic and student exchange programs is another goal of the MoU. In order to increase the number of networks, systems, and applications that can be simulated, the institutions plan to investigate the integration of their cyber simulation centers.
The MoU was signed by David Foo, Assistant Chief Executive (Operations Technology), MPA; Mr Roomet Leiger, Director, TalTech; Mr Silver Andre, Chief Executive Officer, Foundation CR14; Mr Tan Cheng Peng, Executive Director, SMI; and Prof Chua Chee Kai, Associate Provost, SUTD.
MoU between MPA, SSA, SIT and SUTD
Under the auspices of the Maritime Cybersecurity Roundtable, the MoU is an endeavor led by SSA and includes MPA and the industry. The Roundtable was founded in April 2022 with the objective of enhancing the cybersecurity capacities and cyber resilience of the industry as it grows more digitally and globally networked.
The MoU intends to create a comprehensive and specialized training curriculum for the industry, set training standards, and use simulation technologies to speed up learning and skill acquisition in addition to leveraging input from the shipping sector in the development and use of the MariOT testbed to validate new cyber-security technologies.
Through career conversion for mid-career professionals and other talent attraction initiatives for youth, including expanding cybersecurity-related curricula at SIT and SUTD to include maritime operational technology (OT) systems, the MoU industry partners will increase career opportunities for cybersecurity talents.
Professor Chua Kee Chaing of SIT, Professor Chong Tow Chong of SUTD, Mr. Teo Eng Dih, Chief Executive, MPA, and Ms. Caroline Yang, President, SSA, signed the Memorandum of Understanding.
Launch of MaritimeSG Shipping CyberSafe Scorecard for Fleet Operations
Dr. Amy Khor, Senior Minister of State, Ministry of Transport and Ministry of Sustainability and the Environment, announced today the introduction of the MaritimeSG Shipping CyberSafe Scorecard, another project under the Maritime Cybersecurity Roundtable created by SSA and sponsored by MPA.
The Scorecard was created with input from the industry and in accordance with the US National Institute of Standards and Technology (NIST) Cybersecurity Framework, specifically for use in vessel operations. Through a platform, ship owners and operators, including SMEs, can now conduct self-assessments. By completing the self-assessment, maritime enterprises will be able to analyze the cybersecurity maturity level of their fleet operations, pinpoint any vulnerabilities, and take proactive measures to reduce cyber threats early on. Prior to this launch, over thirty marine enterprises participated in SSA’s pilot program, completing their self-assessments.
Tabletop Exercise to Validate Maritime Cyber Assurance and Operations Centre Prototype
Ten companies from across various maritime sectors are participating in the MPA-led annual cybersecurity tabletop exercise (TTX) together with international participants from the Port Authorities CIO Cybersecurity Network (Pacc-Net) and other like-minded ports and port authorities. This year’s TTX will see about 40 participants gathered, with new participants from Port of Nagoya, Port of Tokyo and Port of Sines.
The TTX will test and validate the capabilities of the MPA-hosted Maritime Cyber Assurance and Operations Centre (MCAOC), a joint MPA-Industry cybersecurity operations center, and simulate cyberattacks that impact various ports across regions. In order to help members respond promptly to cyber threats, the MCAOC prototype will distribute information on cyber risks in real-time, monitor members’ cybersecurity systems, and provide advice on system recovery and reaction strategies. Organizations can free up staff members who are now working on monitoring duties to concentrate on higher-value, more productive work by using the MCAOC service. The MCAOC’s detection and reaction capabilities will be improved with the use of participant input and TTX insights.