Navigating Cybersecurity and Data Privacy: Key takeaways from the CSA Shipping Executives Conference
Cybersecurity and data privacy threats are rampant in every industry, and the shipping industry is no exception. The panel discussion at the 21st Caribbean Shipping Association Shipping Executives Conference titled “Navigating Cybersecurity and Data Privacy” shed light on the importance of cybersecurity and ways to mitigate attacks. The panel was moderated by Frances Yeo, CEO of ADVANTUM, the Caribbean’s premier logistics software & IT Network services provider, and featured presenters John Gibson, Cybersecurity and data privacy expert and CEO of PROTECTIFIQ, and Glaister Leslie, Technology & Change Management Consultant. Here are the key takeaways from the discussion that every shipping executive needs to know.
The Impact of Cybersecurity on Everyone
The first key takeaway is that cybersecurity and data privacy should be a concern for everyone. The panelists emphasized that no industry is immune to these threats, and even if your business is not directly affected, you can still be indirectly impacted through your partners, suppliers, customers and even the ports if they experience an attack. Cyberattacks can take many forms, including crashing systems, stealing data, and locking users out of their systems which Glaister Leslie likened unto someone burning down your warehouse, or stealing your cargo inventory or locking you out of your business place. These can lead to billions of dollars in losses, and not to mention the priceless cost of your business’ reputation.
Ways to Protect Yourself from Cyber Attacks
To mitigate the risk of cyber-attacks, Cybersecurity and data privacy expert, John Gibson stressed that it’s crucial to employ rigorous cybersecurity management measures. These include implementing network security, installing anti-malware, conducting periodic vulnerability and penetration tests, and implementing multifactor authentication, among others. He advised that it’s also essential to encrypt data, conduct periodic vulnerability and penetration tests, and implement identity and access controls. Gibson reminded everyone that, “Security is a risk journey, and it’s important to constantly assess and review mitigations to ensure you’re in a tolerable place.”
The People Side of Cybersecurity and Data Privacy
Cybersecurity is not just a technical issue but also a people issue. On the people side, change management is crucial. Glaister Leslie suggested that using a change management framework such as Kotter’s 8-Step Change Model can help. This includes creating urgency, forming a powerful coalition, creating a vision for change, communicating the vision, removing obstacles, creating short-term wins, building on the change, and anchoring the changes in corporate culture. He emphasized that it’s also important to avoid pitfalls such as letting fears get the best of you, ignoring the impact of technology on people, and investing in technology at the expense of investing in people.
AI and Data Privacy Concerns
During the Q&A session, the panelists also addressed privacy concerns around artificial intelligence. They highlighted that whatever you put into AI can become part of an answer for someone else, so to ensure not to share confidential data with the chat systems. Also highlighted was the fact that AI technology is being used to create malicious programs faster, so everyone needs to remain vigilant.
Recommended Next Steps
So, what are the next steps for us as we return to the office? According to Glaister Leslie, shipping executives should start at step one of the 8-step change management process and answer critical questions about what they need to protect, what’s standing in their way, what’s in place, what’s planned, and how they’ll measure success.
John Gibson says businesses should also complete a cybersecurity maturity assessment, implement a disaster recovery plan that contains cybersecurity and data protection procedures, and establish a cybersecurity baseline for their organization. Most importantly, we should all keep learning and training your people to ensure a strong cybersecurity culture. Businesses can also reach out to cybersecurity experts like PROTECTIFIQ and ADVANTUM for support.
Strong cybersecurity and data privacy policies and practices are essential in securing our global supply chain. While we may not be able to prevent all attacks, if we take proactive measures to protect ourselves, our business partners, and our customers, we can ensure a more secure and resilient shipping industry.
Originally published in the Caribbean Maritime Magazine Issue 49