Five top tips for sourcing port cyber-attack insurance cover

Written by Ed McNamara, CEO at Armada Risk Partners, Cleveland Ohio port insurance broker

Port cyber-attacks are one of the biggest threats facing port operators.

In late 2023, multiple Australian ports came under attack with terminals in Melbourne, Sydney, Brisbane and Perth disrupted across four days. This echoed a breach in which cyber-attacks hit three Canadian ports. Similarly, a breach of the Port of Lisbon led to confidential information being published online.

Against these threats, how can ports get the best cyber-attack insurance?

1. Undertake a thorough cyber review before sourcing insurance

Ports’ set up makes them vulnerable. Hosting large numbers of vessels operated by companies employing a range of IT systems provides a perfect environment for cyber-attacks. When looking at cyber insurance, evaluating your overall cybersecurity capabilities and the exposure to risk is a good starting point.

Undertake this review as part of a strategic approach to sourcing port cyber insurance. It is vital to get systems and processes as secure and up-to-date as possible.

We advise ports present the strongest picture to insurers to secure the best coverage and reduce premiums. Insurers demand robust risk management policies and protocols, including well-prepared cybersecurity policies, along with regular assessments and continuous employee training. This should include identifying threats, assessing the value and sensitivity of the data you handle, and evaluating current security measures.

2. Commit to continuous cybersecurity improvement

Cyber insurance is a vital consideration in any cyber risk mitigation strategy. Insurance can play a key role in helping pay for recovery costs and can cover third-party liabilities. Moreover, there are policies that provide incident response support, giving access to specialist teams.

However, cyber insurance cover does not release any organisation from the responsibility of managing risks. A cybersecurity programme promoting continuous improvement must be maintained.

Those running ports must have awareness of the threat level. The threat from hackers is so great the United States Secret Service has a separate top 10 most-wanted list for cyber criminals.

READ: White House releases National Cybersecurity Strategy

Typically, the threat does not come from individuals, those instigating attacks are sophisticated organisations. Being at the forefront of global trade, ports are an obvious target. They are a target of prime logistical importance, where fear of disruption will make ransom payment more likely.

3. Be aware cyber insurance market is changing

The insurance marketplace is responding to the increased threat of cyber-attacks on ports. The result is a fluid market. Cyber premiums are rising, while coverage is often diminishing.

Search for policies that cover a wide range of cyber risks and consider the policy limits and deductibles that best suit your risk profile. Ensure policy limits adequately cover potential losses, including costs associated with breach response, recovery, and legal expenses.

Insurers will look favourably on ports that follow guidelines relating to cyber security. Currently, guidelines including those from the International Maritime Organization (IMO) are voluntary but they provide a framework that could well become part of legislation.

Ship owners mitigating risks could also be disinclined to use ports that are failing to adhere to voluntary guidelines.

READ: Maritime cyber attacks database launches

4. Stay alert to new threats

Cyber risks are evolving and even with insurance in place you should regularly review coverage.

Staying alert applies on many levels. On a day-to-day basis, be wary of links in emails and unsolicited communication. Senior employees at a port have public visibility and they can become a target for the cyber criminals and fall victim to a ransomware attack.

However, staying alert also means having sophisticated defences in place. An option is to build a cyber security defence system, but an alternative is to outsource to specialists in defending against cyber-attack in the maritime industry.

READ: Kalmar Leads the Way in Cybersecurity Certification for the Terminal Industry

Ports might also wish to ensure that IT systems employed by operators have similarly robust defences when encountering their own. The links between systems and need to share information mean any defence is only as strong as its weakest link. Ports must consider what minimum standards of cyber security apply to those they deal with.

5. Work with port specialist

Work with a broker well-versed in understanding the nuances of cybersecurity and keeping abreast of the changing port insurance landscape. Examine the fine print of any renewal and consider a wide variety of quotes.

Do not automatically renew, check the coverage itself as this could have changed significantly and do not base the renewal on cost alone. Your broker needs to understand your business and research the policies that are best suited. They can also provide advice on specific compliance standards that you may apply.

A port specialist will help ensure there is a plan should any attack prove successful. A specialist can help source insurance where there is an immediate response to any query. They can also help work through potential risks, cross-referencing these against both the existing policy and potential alternatives.

Port operators will benefit from working with a skilled broker to help find cover that caters for all eventualities.

---