Cybersecurity in the Maritime Domain



Similar documents
Environmental Compliance

Maritime cybersecurity using ISPS and ISM codes

Natural Gas Fueling Our Future 2014 NGV Conference

Ship management operations simplified and redefined using a web based integrated fleet management system. Mark Moerman, Managing Director, SDSD

REPUBLIC OF. Marine Notice THE MARSHALL ISLANDS No OFFICE OF THE MARITIME ADMINISTRATOR Rev. 8/06

INTEGRATING ENERGY LOGISTICS AND MARITIME SOLUTIONS

Ship Security Alert Systems (SSAS) Competent Authority as Designated by the Isle of Man Ship Registry

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

CYBER SECURITY INDUSTRY GUIDELINES

Ship Fleet Management System Market Outlook FMS Adoption in Ships Likely to Accelerate by 2018 with New-generation Ships Creating Opportunities

Skibsteknisk selskab 2013

Crowley Maritime Corporation - Strategic SWOT Analysis Review

List of courses approved under Maritime Cluster Fund 30% Course Fee Subsidy for non-examinable courses

Frost & Sullivan s. Aerospace, Defence & Security Practice. Global Industrial Cyber Security Trends

Heidmar Tanker Pools Trading insights from the front line: Strategies for maximizing returns in shifting markets

Rockwell Automation in Oil & Gas

Energy Cybersecurity Regulatory Brief

Procedure Manual. Shipboard Oil Pollution Emergency Plan (SOPEP)

Maersk Tankers Sustainability Update Sustainability is everybody s business making a difference

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Certificate of insurance application form

SOLUTION BRIEF. Next Generation APT Defense for Healthcare

Shipping, World Trade and the Reduction of CO 2 Emissions

The International Chamber of Shipping (ICS) Representing the Global Shipping Industry

BTMU Capital Maritime Overview

Australia's Maritime Petroleum Supply Chain. Prepared for the Department of Resources, Energy and Tourism, Canberra

OPERATIONAL LIMITATIONS DUE TO COMPLIANCE WITH THE JONES ACT

MARITIME and OFFSHORE ENERGY Practice

Industry Solutions Oil and Gas Engineering Document Control and Project Collaboration Solutions for Oil and Gas

Tanker Officer Training Standards: an industry led solution

TECHNIP AT A GLANCE 2014

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Maritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015

INTELLIGENCE. RISK MITIGATION. RESPONSE. CONSULTANCY.

137 Northpark Blvd. Telephone: (985) Covington, LA Fax: (985) Prepared Statement by. Thomas L. Shaw, President LOOP LLC

Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps

PT. TRI MARINA GLOBALNUSA - BROCHURE

Exhaust Emissions from Ship Engines in Australian Waters Including Ports

Liability Management Evolving Cyber and Physical Security Standards and the SAFETY Act

MEASURES TO ENHANCE MARITIME SECURITY. Industry guidelines on cyber security on board ships. Submitted by ICS, BIMCO, INTERTANKO and INTERCARGO

III International Maritime Congress

CAN COMPANY STRATEGIES ENHANCE COMPETENCE? by Capt. Pradeep Chawla Managing Director QHSE & Training Anglo-Eastern Ship Management Ltd.

Ship to Ship Transfer Training (3 days)

FORMAL SAFETY ASSESSMENT, INCLUDING GENERAL CARGO SHIP SAFETY. Reporting of Accidents and Incidents

FUEL TRANSFERS OIL SPILL PREVENTION WORKSHOP. WAINWRIGHT 9 th July. Shell Exploration & Production Restricted

ENSURING SECURITY IN AND FACILITATING INTERNATIONAL TRADE. Measures toward enhancing maritime cybersecurity. Submitted by Canada SUMMARY

Crude Oil Trading Patterns: Trends and Tonne Mile Assessments

Into the cybersecurity breach

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

A RISK ASSESSMENT METHODOLOGY AS A TOOL FOR SCREENING OF SHIP TO SHIP (STS) TRANSFER OPERATIONS.

NOTICE INVITING EXPRESSION OF INTEREST FOR FORMING AN ALLIANCE WITH COMPANY OWNING, OPERATING & EXPERIENCED IN CONVERTING/ BUILDING FPSO

Oil Spill Emergency Response. Oil Spill Emergency

A Contribution to the Analysis of Maritime Accidents with Catastrophic Consequence

ABS Nautical Systems Fleet Management Solutions. Powerful. Simple. Reliable.

We are what we repeatedly do. Excellence then, is not an act, but a habit. -- Aristotle

The Role of Predictive Analytics in Asset Optimization for the Oil and Gas Industry

CMD 2008 Kongsberg Gruppen ASA. Kongsberg Maritime. Kongsberg Maritime Capital Markets Day September Status and Prospects for the future

IMO GUIDANCE RELATING TO THE IMPLEMENTATION OF SOLAS CHAPTER XI-2 AND THE ISPS CODE

IHS Maritime Portal. Ultimate maritime reference tool

New Privacy Laws Impacting the Health Care Work Place

Maritime Domain Management System

Knickerbocker Maritime

ICS CYBER SECURITY RKNEAL, INC. Protecting Industrial Control Systems: An Integrated Approach. Critical Infrastructure Protection

THE REPUBLIC OF LIBERIA LIBERIA MARITIME AUTHORITY

IN DEFENSE OF THE JONES ACT

RINA solutions for Ship Energy Governance

International Maritime Law Firm

PART A. .3 to ensure the early and efficient collection and exchange of security-related information;

Shipping, World Trade and the Reduction of

IoT & SCADA Cyber Security Services

Maritime Human Resources Solutions Seminar. Robert Cadigan President & CEO Newfoundland & Labrador Oil & Gas Industries Association

IMPLEMENTING An effective SAFETY CULTURE. Basic Advice for Shipping Companies and Seafarers

Shipping, World Trade and the Reduction of

PARTNERSHIP IN OCEAN FREIGHT

ENVIRONMENTAL & SOCIAL IMPACT ASSESSMENT (ESIA) FOR PRINOS OFFSHORE DEVELOPMENT PROJECT ANNEX 15: TRAFFIC MANAGEMENT PLAN

Domestic Shipping. Safety Management System. Company:

Examiners will give higher marks where evidence of wider reading /deeper understanding is demonstrated.

OUR CONVERSATION TODAY

Charleston School of Law: Admiralty and Maritime Law LLM Program

Smart vessel reporting for decreased administrative burden on crew and easier fleet performance monitoring ashore

Shipping, World Trade and the Reduction of

IMO CONSIDERATION AND ADOPTION OF THE INTERNATIONAL SHIP AND PORT FACILITY SECURITY (ISPS) CODE

How To Protect Your Data From Being Hacked

Reports Results for First Quarter 2007 and Declares Quarterly Dividend

STATUTORY INSTRUMENT. No. of Merchant Shipping (Safe Ship Management Systems) Regulation ARRANGEMENT OF SECTIONS.

Procedural Requirements for ISPS Code Certification

World Fuel Services Corporation Overview

********** An short and simple explanation of how oil is converted into gasoline and then brought to you, the consumer.

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

Cybersecurity The role of Internal Audit

Introducing Vessel Environmental Compliance Reporting and Energy Management: From ESRG

Recommendations Relating to the Application of Requirements Governing Seafarers Hours of Work and Rest

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Transcription:

Cybersecurity in the Maritime Domain Shipping Company Perspective to Marine Board Spring Meeting Dave Moore Manager, Strategic Planning and Analysis Chevron Shipping Company, LLC Transportation Research Board of the National Academies Irvine, CA May 5, 2015

Chevron Corporation Origins in 1879 oil discovery at Pico Canyon, north of Los Angeles. Second-largest integrated energy company headquartered in the US, with extensive operations in over 30 countries. Approximately 61,000 employees and 200,000 contractors supporting daily operations. Average net production in 2014 was 2.57 million oil-equivalent barrels per day, with about 74% outside the US. Refineries processed 1.7 million barrels of oil per day, and we averaged 2.7 million barrels per day of refined products sales through our marketing network and retail outlets on five continents. 1

Chevron Shipping Company, LLC Manage Marine Risks Across Diverse Operations Tankers/Barges LNG Carriers Offshore Support Vessels Heavy Transport Mobile Offshore Drilling Units Offshore & Fixed Marine Terminals FPSOs 4 Major offices Transport ~1 Billion barrels annually Operate 30 vessels Utilize more than 100 vessels daily 2

Chevron Shipping Company, LLC Vessel Operator and Charterer Operate 30 vessels 9 VLCC (~2 million bbl capacity) 3 Suezmax (~1 million bbl) 5 Aframax (~ 600,000 bbl) 4 MR / US Flag (~350,000 bbl) 2 Shuttle tankers (Dynamic Position) 7 LNG carriers Utilized 825+ vessels in 2014 more than 300 owners and 200 operators Over 2,000 voyages contacting 300+ ports in 50 countries Over 950 voyages did not enter US In 2014 did not have a recordable personal injury in our operated fleet Have not had a cargo or bunker spill to environment from operated fleet in >11 years Transmit ~2 GB of information daily between our operated vessels and shore Commercial, Operations and Personnel data Cargo / Port data Equipment performance data Personal Communications 3

Operational Excellence Management System Chevron Corporate OE Expectations are organized under 13 Elements Element 1: Security of Personnel and Assets Provide a physical and cyber security environment in which business operations may be successfully conducted. 1.1 A process is in place to actively engage the workforce in security awareness and vigilance to the security environment. 1.2 Risk-based security management plans are developed, implemented and maintained to address potential security threats to the business. 1.3 A process is in place to integrate security management plans with related plans for emergency management, business continuity and information protection. 4

2015 Cyber Threat Landscape for the Oil and Gas Industry Increase in Targeting of Oil and Gas Companies Contributing factors: Dropping oil prices Economic instability Regional conflict Automation of work processes Security gaps Delays in patching Use of external storage and hosting solutions Cloud services Competitors desire to replicate proprietary technology and processes For competitive advantage To decrease dependence on external partners 5

2015 Cyber Threat Landscape for the Oil and Gas Industry Threats to ICS Environments Threat actor types Cybercriminals Hacktivists Nation-states Factors Physical impacts via cyberspace Widening security gap Low cost Targets HMI (Human Machine Interface) ICS (Industrial Control System) SCADA (Supervisory Control and Data Acquisition) Operations 6

2015 Cyber Threat Landscape for the Oil and Gas Industry Targeting Cloud Services Threat actor types Cybercriminals Hacktivists Nation-states Factors Third party Potential for high yield No need to compromise company Targets Intellectual property Sensitive business data Employee data 7

Chevron Cybersecurity Overview Global standards, architecture and infrastructure evolving for over 15 years All equipment and software is tested for security and compatibility prior to deployment Individual access to network, applications and sites is limited to need basis and periodically verified Periodic training for all users on risks and mitigations Cybersecurity Pyramid 8

Shipboard Operating Environment Complex, multi-layered, evolving Regulatory Requirements: Flag state, Port state, IMO, Classification Society, Company domicile, etc. Corporate Policy/Standards: Legal, Finance, OE/HES, IT, HR, etc. Business Unit Policy/Standards: SMS Industry Guidelines: OCIMF, SIGTTO, BIMCO, Intertanko, API, etc. Vessel Specific: Shipyard, Designer, Owner, OEM s Contractual Agreements Charter Party, Procurement Risk Management and Process Safety Chevron Shipping Company LLC is committed to protecting people and the environment. We accomplish this by adhering to our Tenets of Operation, setting Operational Excellence objectives, monitoring performance, and maintaining secure facilities. We conduct our business in a socially responsible and ethical way. Our goal is to be the industry leader in safety and health performance and to be recognized worldwide for environmental excellence. 9

Key Message Global Business Vessels move through multi-jurisdictional requirements with a multinational workforce Shipping is segmented and fragmented by regions and vessel types, with large and small entities facing different operational risk profiles Multiple risks and threats to ship and shore facilities Technology provides benefits 10

Chevron Questions Shipping Company, LLC Cybersecurity - Questions 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information