Jones Walker LLP today publicly released the findings of its inaugural Maritime Cybersecurity Survey. The results, which were announced at the Marine Technology Society and IEEE Oceanic Engineering Society’s prestigious OCEANS conference, confirm that rapidly evolving technologies deployed throughout the U.S. maritime industry to increase efficiencies and competitiveness present significant cybersecurity risks, which the industry is unprepared to shoulder.
The survey reflects the responses of 126 senior executives, chief information and technology officers, non-executive security and compliance leaders, and key managers from U.S. maritime companies. The respondents represent key sectors in the maritime industry and include professionals from small, mid-size, and large companies.
Several key findings of the Jones Walker LLP Maritime Cybersecurity Survey include:
The U.S. maritime industry is being targeted. Nearly 80% of large U.S. maritime industry companies (more than 400 employees), and 38% of all industry respondents reported that cyber attackers targeted their companies within the past year. 10% of survey respondents reported that the data breach was successful, while 28% reported a thwarted attempt.
There is a false sense of preparedness in the U.S. maritime industry. 69% of respondents expressed confidence in the maritime industry’s overall cybersecurity readiness, yet 64% indicated that their own companies are unprepared to handle the far-reaching business, financial, regulatory, and public relations consequences of a data breach.
Small and mid-size companies are far less prepared than larger companies to respond to a cybersecurity breach. 100% of respondents from large organizations indicated they are prepared to prevent a data breach, while only 6% of small company (1 to 49 employees) respondents and 19% of mid-size company (50 to 400 employees) respondents indicated preparedness.
Small and mid-size companies lack even the most fundamental protections, exposing them to huge potential losses. 92% of small company and 69% of mid-size company respondents confirmed they have no cyber insurance. In contrast, 97% of large company respondents have cyber insurance coverage.
For additional survey findings, common themes among prepared companies, and guidance on how U.S. maritime companies can evaluate and improve their cyber readiness, please visit the Jones Walker LLP Maritime Cybersecurity Survey website and download the white paper.
Comments from Jones Walker Attorneys & Maritime Industry Insiders:
Andrew Lee, Partner and Co-Chair of the Data Privacy Group & Co-Author of the Maritime Cybersecurity Survey White Paper, Jones Walker LLP:
“The U.S. maritime industry is sailing too close to the wind when it comes to cybersecurity. While industry stakeholders are educated and aware of the severe implications of a cyber attack, in many respects they are unprepared for the severe fallout from a major cyber attack.”
“Hackers are modern day pirates who have the ability to sink maritime industry sectors that are unprepared for what’s coming at them.”
“For many companies – especially smaller and mid-sized companies – there are gaps in implementing fundamental cybersecurity procedures, including crucial training for employees and testing of cybersecurity systems.”
Hansford Wogan, Maritime Attorney & Co-Author of the Maritime Cybersecurity Survey White Paper, Jones Walker LLP:
“The survey strongly illustrates that industry preparedness is dependent on two factors: company size and recent experience as a cyber attack target.”
“There are enormous risks to the industry as a whole. Yet, the survey indicates that only the larger U.S. maritime industry companies seem to have this threat on their radar, while the smaller and mid-sized companies are mostly unprepared.”
“An ounce of prevention in training is worth a pound of a cure in terms of cyber attack readiness, and if every company approached this cybersecurity issue with that mindset, the maritime industry as a whole would be far less at risk.”
Grady Hurley, Maritime Partner, Jones Walker LLP & Secretary of the Maritime Law Association:
“The Maritime industries have traditionally anticipated the risks of technology. There is a simple checklist for at-risk companies to follow and make a priority in order to become more prepared.”
April Danos, Director of Information Technology, Port Fourchon, Louisiana & Member of the National Maritime Security Advisory Committee:
“The results of Jones Walker’s cybersecurity survey demonstrate that every maritime industry stakeholder needs to assess its vulnerability to a cyber attack, take preventive action, and determine how it will respond.”
Joel R. Whitehead, Rear Admiral, U.S. Coast Guard (Ret), President, International Propeller Club:
“It is critical for U.S. maritime to take heed of the growing cybersecurity threats against our global maritime industry. The Jones Walker Maritime Cybersecurity Survey will provide important information to counter those threats.”
Martin J. Davies, Admiralty Law Institute Professor of Maritime Law & Director, Tulane Maritime Law Center, Tulane University Law School:
“The Jones Walker Maritime Cybersecurity Survey provides evidence of a worrying level of complacency among maritime industry operators about cyber attacks. Although the financial consequences of data breaches can be crippling, the survey shows that few in the maritime industry are adequately prepared to guard against them, or to respond effectively if an attack occurs. The survey shows unequivocally that action in relation to cybersecurity is urgently needed, by both industry and political leaders.”
About Jones Walker:
Jones Walker LLP (www.joneswalker.com) is among the 120 largest law firms in the United States serving local, regional, national, and international business interests with offices in Alabama, Arizona, the District of Columbia, Florida, Georgia, Louisiana, Mississippi, New York, and Texas. The firm’s Maritime Practice is experienced in all aspects of the maritime industry, which enables the group to represent clients in transactional matters and related business operations issues, as well as in regulatory or government relations issues and in complex, multi-district litigation, arbitration, and mediation. Jones Walker’s Data Privacy Group is committed to helping clients become cyber-ready and to identify, prevent, and respond to the full spectrum of data-breach and privacy risks.