THE increase in cyber attacks on major companies over the last few months means that shipping companies have no excuse for not being prepared and could find themselves liable should an attack result in a data breach, the Global Liner Shipping conference was told.

Holman Fenwick Willan’s Toby Stephens said at the Singapore conference that cyber attacks were now the “number one” risk and were no longer an emerging threat.

“If you are not prepared, you will be held to account,” he said.

While it was all very well to have a contingency plan in case of an attack, if it was held on a hard disk it would be of little use when users suddenly found their screens frozen, he told delegates.

“What will you do? Use WhatsApp to contact all your staff?”

Contingency plans needed “real thought”, he said.

“Don’t just wait until it happens,” Mr Stephens said. “If you are not prepared, how you deal with an attack will affect your bottom line.”

Contingency plans must kick in automatically, he added. “Shipping is good at dealing with operational risk, such as casualties or the loss of containers, but there is a blind spot here.”

However, plans for cyberattacks needed to accommodate multiple sources of information and take into consideration various regulatory concerns, such as European rules on protecting customer data.

“Each step of the supply chain is responsible for protecting its customers’ data from being exposed,” he said.

Contingency plans often failed because they lacked detail and could fall to pieces as events escalated.

“Intense scrutiny from customers and regulators can lead to a siege mentality and short-term focus,” Mr Stephens said.

“You need to be able to get ahead of the game to get the company back on track. As Warren Buffet said, it takes 20 years to build a company’s reputation, but only five minutes to destroy it.”