How can IoT data be protected?

KVH, IoT, KVH Watch, business continuity, Disruptive Models, Connected Ship, IoT at Sea

Data security and IoT

Cybersecurity has always been a paramount issue in shipping. The recent acceleration in digitalization has been met with a 400% increase in attempted hacks since February 2020 alone (1).

Digitalization has brought a lot of attention to IoT and raised questions on how data can be securely transferred between sensors and software, from ship to shore.

A report by Zscaler in 2019 examined 56 million transactions in enterprise networks using 270 different types of IoT devices from 153 different manufacturers over a 30-day period. The results have shown that 41% were communicating over unencrypted channels, which paved the way for being targeted by malware and cyber-attacks.

As the development and employment of IoT devices accelerate, the risk of cyberattacks accelerates with it.

Protecting Data

Safeguarding practices are needed to protect IoT data, but ‘traditional IT security techniques will not work for all IoT services, which calls for additional measures.’

To protect data, an IoT service must have an architecture that is built with security in mind, incorporating ‘privacy guardrails, data ownership, and governance including the robust management of data from first receiver to subscriber. (2)

BIMCO’s “Guidelines on Cyber Security Onboard Ships” emphasize the need to assess risks arising from the use of information technology (IT) and operations technology (OT) onboard ships and establish appropriate safeguards against cyber incidents. OT systems differ from traditional IT systems. Its relevance to safety of crew, cargo, environment, and vessel operation is extremely high. Whilst OT systems operate in real-time, controlling the physical world and corresponding processes, IT systems merely manage data. (3)

Securing your IoT Data with KVH Watch

KVH has actively addressed these challenges by introducing KVH Watch – the industry’s first purpose-built stand-alone IoT service, allowing equipment manufacturers, service companies, and digital content providers to connect with installed sensors and systems onboard.

The product provides dedicated and single-use data pathways for IoT systems that do not and cannot be interfered with by other onboard networks. E2E encryption, protected internet egress, gateway firewalls, and DPI, edge device lockdown, and managed security protect data paths. MFA and captain authorization procedures in combination with the above cover all cybersecurity requirements holistically.

Explore the benefits of KVH Watch

KVH Watch is designed to meet the cybersecurity needs of a modern, connected ship:

  • Isolates the IoT network from the vessel’s existing IT network by introducing the KVH Watch Terminal with Managed Switch, dedicated LAN, and dedicated Wi-Fi access points
  • Supports manufacturer VPNs
  • Multi-factor authentication for user identification

Sources:

  1. https://www.securitymagazine.com/articles/92541-maritime-industry-sees-400-increase-in-attempted-cyberattacks-since-february-2020
  2. https://www.iotevolutionworld.com/smart-transport/articles/442702-how-industrial-iot-will-disrupt-shipping-industry.htm
  3. https://www.bimco.org/about-us-and-our-members/publications/the-guidelines-on-cyber-security-onboard-ships

 

About Sven-Eric Brooks 3 Articles
Sven-Eric Brooks is KVH's senior director of business development for KVH WatchT, the company’s maritime IoT solution. Sven-Eric has nearly 20 years of experience in the maritime industry with expertise in integrated bridge systems, smart and connected vessels, ship operations, and fleet management solutions. Prior to joining KVH, Mr. Brooks worked for Northrop Grumman Sperry Marine for 13 years in a variety of roles culminating as business development director responsible for Sperry Marine’s key accounts. In prior roles with Sperry Marine, Mr. Brooks was a sales manager, global logistics manager, and regional director for Asia. He has held positions in London, Rotterdam, and Hong Kong.

Be the first to comment

Leave a Reply

Your email address will not be published.


*