With 2022 well underway, the cybersecurity landscape continues to evolve in ways that maritime industry participants are closely monitoring. Geopolitical tensions in Europe have not been this high in decades, and the trend may continue as the tragic and unjustified war in Ukraine unfolds.
The maritime industry plays a vital role in global commerce, the world’s energy supply and the way in which nations interact with each other. It would be fair to say that geopolitics and global shipping are two deeply connected topics. Regardless of what is happening on the world stage, companies like Veson Nautical need to be well prepared for cyber threats that may present in different forms, emanating from different threat actors.
At Veson, we take the responsibility of securing our clients’ data very seriously. We also have a duty to the broader industry to ensure our platform is online and well-protected against potential threats. In this post, I will outline six key measures we employ to protect our infrastructure, applications and client data.
Reliable Backups
Client data is the most important asset we protect, and our ability to restore data in the event of a security incident is paramount. At Veson, we use a combination of AWS S3 File Gateway, AWS S3 and AWS S3 Glacier to ensure backup files are securely and redundantly stored. As with all forms of client data, industry standard encryption is applied.
A Disciplined Approach to Patching
On a monthly basis, the Veson engineering team undertakes the process of destroying and recreating our servers. Rather than applying patches to dozens of machines, we choose to replace those machines entirely. Our servers run on AWS, and are described using infrastructure as code (IaC). This ensures that large server fleets can be rebuilt quickly, consistently and with minimal human intervention. The latest security patches are baked into the new machine images.
In an environment without this level of discipline, it is very easy to introduce configuration drift or have differing patch levels on various servers. Neglecting to diligently apply security patches exposes an organization to far greater risk from viruses, ransomware and other attack vectors.
Multifactor Authentication
Multifactor authentication is a necessity in 2022, and at Veson this is our standard approach. We require MFA for all our internal systems to protect against the scenario where an employee’s credentials are compromised.
Industry Leading Defense Mechanisms
Running the Veson IMOS platform on AWS yields many advantages in the security space:
- AWS Shield Advanced provides protection against distributed denial of service (DDoS) attacks
- AWS WAF (Web Application Firewall) provides sophisticated defense against a range of common attack vectors, and allow specific geographies or networks to be blocked
- AWS GuardDuty is a threat detection service that continuously monitors Veson’s AWS accounts and workloads for malicious activity
Regular Penetration Testing
Veson undertakes penetration testing via a third party every six months, in order to test our defenses and overall security posture. At Veson, we provision machines inside the security perimeter and hand them over to our testers along with credentials. In line with our Defense-in-Depth (DiD) approach to cybersecurity, there great value in testing the system from different vantage points.
Centralized Logging and Alerting
For a system as large and as complicated as the Veson IMOS Platform, centralized log aggregation and alerting capabilities are very important. VPC flow logs, application logs and web server logs are brought together in one place. Coupled with automated alerts and threat detection algorithms, the team has the right set of tools in place to verify the system is operating as expected.
The items above are a small sample of the overall cybersecurity measures we have in place at Veson Nautical. The common denominator across all of these is our talented and motivated engineering team. It is their passion and commitment to running a world class SaaS platform that truly underpins all that we do in the cybersecurity space.