Jones Walker LLP Releases Inaugural Maritime Cybersecurity Survey
October 24, 2018
NEW ORLEANS, October 24, 2018—Jones Walker LLP today publicly released the findings of its inauguralMaritime Cybersecurity Survey.
The results, which were announced at the Marine Technology Society and IEEE Oceanic Engineering Society’s prestigious OCEANS conference, confirm that rapidly evolving technologies deployed throughout the U.S. maritime industry
to increase efficiencies and competitiveness present significant cybersecurity risks, which the industry is unprepared to shoulder.
The survey reflects the responses of 126 senior executives, chief information and technology officers, non-executive security and compliance leaders, and key managers from U.S. maritime companies. The respondents represent key sectors
in the maritime industry and include professionals from small, mid-size, and large companies.
•The U.S. maritime industry is being targeted. Nearly 80% of large U.S. maritime industry companies (more than 400 employees), and 38% of all industry respondents reported that cyber attackers
targeted their companies within the past year. 10% of survey respondents reported that the data breach was successful, while 28% reported a thwarted attempt.
•There is a false sense of preparedness in the U.S. maritime industry.69% of respondents expressed confidence in the maritime industry's overall cybersecurity readiness,
yet 64% indicated that their own companies are unprepared to handle the far-reaching business, financial, regulatory, and public relations consequences of a data breach.
• Small and mid-size companies are far less prepared than larger companies to respond to a cybersecurity breach.100% of respondents from large organizations indicated they are prepared
to prevent a data breach, while only 6% of small company (1 to 49 employees) respondents and 19% of mid-size company (50 to 400 employees) respondents indicated preparedness.
• Small and mid-size companies lack even the most fundamental protections, exposing them to huge potential losses.92% of small company and 69% of mid-size company respondents confirmed
they have no cyber insurance. In contrast, 97% of large company respondents have cyber insurance coverage.
Comments from Jones Walker Attorneys & Maritime Industry Insiders:
Andrew Lee, Partner and Co-Chair of the Data Privacy Group & Co-Author of the Maritime Cybersecurity Survey White Paper, Jones Walker
• “The U.S. maritime industry is sailing too close to the wind when it comes to cybersecurity. While industry stakeholders are educated and aware of the severe implications of a cyber attack, in many respects they
are unprepared for the severe fallout from a major cyber attack.”
• “Hackers are modern day pirates who have the ability to sink maritime industry sectors that are unprepared for what’s coming at them.”
• “For many companies – especially smaller and mid-sized companies – there are gaps in implementing fundamental cybersecurity procedures, including crucial training for employees and testing of cybersecurity
Hansford Wogan, Maritime Attorney & Co-Author of the Maritime Cybersecurity Survey White Paper, Jones Walker LLP:
• “The survey strongly illustrates that industry preparedness is dependent on two factors: company size and recent experience as a cyber attack target.”
• “There are enormous risks to the industry as a whole. Yet, the survey indicates that only the larger U.S. maritime industry companies seem to have this threat on their radar, while the smaller and mid-sized companies
are mostly unprepared.”
• “An ounce of prevention in training is worth a pound of a cure in terms of cyber attack readiness, and if every company approached this cybersecurity issue with that mindset, the maritime industry as a whole would
be far less at risk.”
Grady Hurley, Maritime Partner, Jones Walker LLP & Secretary of the Maritime Law Association:
• “The Maritime industries have traditionally anticipated the risks of technology. There is a simple checklist for at-risk companies to follow and make a priority in order to become more prepared.”
April Danos, Director of Information Technology, Port Fourchon, Louisiana & Member of the National Maritime
Security Advisory Committee:
• “The results of Jones Walker’s cybersecurity survey demonstrate that every maritime industry stakeholder needs to assess its vulnerability to a cyber attack, take preventive action, and determine how
it will respond.”
Joel R. Whitehead, Rear Admiral, U.S. Coast Guard (Ret), President, International Propeller Club:
• “It is critical for U.S. maritime to take heed of the growing cybersecurity threats against our global maritime industry. The Jones Walker Maritime Cybersecurity Survey will provide important information to
counter those threats.”
Martin J. Davies, Admiralty Law Institute Professor of Maritime Law & Director, Tulane Maritime
Law Center, Tulane University Law School:
• “The Jones Walker Maritime Cybersecurity Survey provides evidence of a worrying level of complacency among maritime industry operators about cyber attacks. Although the financial consequences of data breaches
can be crippling, the survey shows that few in the maritime industry are adequately prepared to guard against them, or to respond effectively if an attack occurs. The survey shows unequivocally that action in relation to
cybersecurity is urgently needed, by both industry and political leaders.”
About Jones Walker:
Jones Walker LLP (
www.joneswalker.com) is among the 120 largest law firms in the United States serving local, regional, national, and international business interests with offices in Alabama, Arizona, the District of Columbia, Florida,
Georgia, Louisiana, Mississippi, New York, and Texas. The firm’s Maritime Practice is experienced in all aspects of the maritime industry, which enables the group to represent clients in transactional matters and
related business operations issues, as well as in regulatory or government relations issues and in complex, multi-district litigation, arbitration, and mediation. Jones Walker’s Data Privacy Group is committed
to helping clients become cyber-ready and to identify, prevent, and respond to the full spectrum of data-breach and privacy risks.