KVH launches new cybersecurity strategy for maritime VSAT networkJun 6, 2018 08:37 AM
(MIDDLETOWN, R.I.) — As the maritime industry turns to digitalization to help improve operational efficiency, there is increasing awareness of the importance of protecting networks and vessels from cyber-risks. KVH Industries Inc. has announced 6-Level Cybersecurity, a cohesive group of initiatives designed to provide proactive cybersecurity protection for the KVH hardware and maritime VSAT satellite network used by its global maritime customers.
A key level of KVH’s cybersecurity strategy addresses the important issue of seafarer training, as many incidents throughout the maritime industry can begin unknowingly with the crew. Effective this month, all vessels subscribing to KVH’s mini-VSAT Broadband connectivity service will be able to receive the KVH Videotel “Cybersecurity at Sea” training program at no cost. The program, created in conjunction with maritime experts and based on regulations from the International Maritime Organization and guidelines from the shipping trade group BIMCO, covers such topics as assessing and reducing the risks of a cyber incident and responding to a cyberincident.
Other levels of KVH’s cybersecurity strategy involve: satellite network security; terrestrial network security; hardware and network configuration; protected Internet egress; and response to threats and incidents.
For satellite network security, KVH implements numerous infrastructure safeguards and different types of authentication, encryption, or proprietary air interfaces. For the terrestrial network, KVH’s system is designed to provide traffic separation and to route global satellite traffic over private circuits to MegaPOPs, where Internet egress occurs.
“To enhance the security of transmissions between ship and shore, we’ve designed our system so that traffic does not touch the Internet before going through edge security devices at MegaPOPs,” said Rick Driscoll, KVH’s vice president of satellite products and services.
KVH’s cyberstrategy also targets the security of KVH hardware and network configuration. For example, onboard local area network (LAN) segmentation can be configured for operations, crew networks, and third-party charter networks via firewall. In addition, the myKVH portal is designed to provide the ability to enforce a crew login requirement on the vessel prior to accessing networked vessel systems or the Internet.
KVH’s cybersecurity strategy also focuses on protected Internet egress, including: application-level universal threat management (UTM) firewalls in each KVH MegaPOP; application-level traffic shapers; multiple forms of threat blocking; and optional global static IP addresses.
Assisting a vessel or fleet in response to a cybersecurity incident is also part of KVH’s cyberstrategy. KVH provides a cybersecurity incident response team if a fleet suspects a cybersecurity attack, with the goal to manage and minimize the risk as quickly as possible.
For more information, visit www.kvh.com.