While the shipping industry’s cyber posture was better than companies in the Forbes Global 2000, the industry performed lower in key risk group factors
NEW YORK – Dec. 20 – SecurityScorecard, the global leader in cybersecurity ratings, today released a new report on the U.S. shipping industry, “Proactive Security Measures for Global Maritime Shipping.” The research found that high severity cyber vulnerabilities pose a big risk to U.S. maritime security, especially ahead of a busy holiday season.
In December 2021, SecurityScorecard conducted an analysis of the cybersecurity health of 100 global shipping container companies compared to the Forbes Global 2000 companies, finding that:
- Overall, the cybersecurity risk posture of the shipping industry was better than the Forbes Global 2000, but the shipping industry did not perform higher in every risk group factor
- The largest risks to the sector include vulnerabilities in application security, irregular patching cadence, and network security
- Data breach percentages for shipping container companies increased from 2018 through 2021, indicating that the industry may be an increasingly attractive target for malicious cyber actors during the 2021 winter holiday season
- Shipping container companies initially did better than the Forbes Global 2000 until April 2020, when high-profile attacks sank the industry average. Since mid-2020, shipping container companies have continued to struggle to build resilience in their cybersecurity, and have not yet returned to their pre-2020 breach scores.
Global supply shortages and shipping disruptions brought on by the COVID-19 pandemic pose a threat to U.S maritime security and threaten to disrupt the holiday gift-giving season. The maritime shipping network, which is responsible for 90% of the global trade, has gone from being a fast and cost-effective system to one plagued by delays, clogged shipping lanes, and exorbitant prices.
“The shipping and maritime industry is already strained and taxed by the pandemic and resulting supply chain backlog,” said Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. “A potential cyber incident in the shipping industry could have catastrophic effects on people and businesses all across the world. This research is a key indicator that the industry should continue to keep a focus on cyber resilience through continuous monitoring.”
SecurityScorecard continuously monitors millions of entities world-wide, and non-intrusively assesses their security posture across ten risk categories, including DNS health, IP reputation, web application security, network security, leaked information, hacker chatter, endpoint security, and patching cadence. This instantly delivers an easy-to-understand “A” through “F” security rating.
Read the full report here.
Funded by world-class investors including Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, and cyber insurance underwriting. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
Fehmida Bholat, SecurityScorecard