Lloyd's List is part of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

This copy is for your personal, non-commercial use. For high-quality copies or electronic reprints for distribution to colleagues or customers, please call UK support at +44 (0)20 3377 3996 / APAC support at +65 6508 2430

Printed By

UsernamePublicRestriction
UsernamePublicRestriction

Transparency is key to effective crisis management

Cyber security has come under the spotlight following two recent attacks. How organisations communicate after incidents is as important as how they handle the data security

Shipping companies must become more open when dealing with crises if they are to keep the confidence of their customers

WHOEVER said worse thing happen at sea wasn’t working in the IT departments of CMA CGM or the International Maritime Organization this week.

The world’s fourth-largest container carrier became the world’s fourth large container carrier to suffer a malware attack that took down critical systems and led to suspected breach and theft of data.

That was followed by a statement from the IMO saying it had also had to take down its website following a cyber attack.

Lloyd’s List has every sympathy for both organisations. Since Maersk was first hit by the notPetya attack in 2017, it has become painfully apparent that shipping is not immune to attacks.

It is even more poignant in that CMA CGM is generally regarded as being very on the ball when it comes to digitalisation, and has invested heavily in digital start-ups at its Marseilles-based, start-up incubator.

Being digital means being at risk, and even the best practices will not always be enough to secure a company. As security specialists know, an attacker only needs to get lucky once, while a defender has to be lucky every time.

This time, CMA CGM and the IMO were unlucky.

But while attacks and penetrations may be facts of life that are out of a company’s hands, the response to those attacks is solely in the domain of the company.

One thing that is crucial when faced with a crisis like this is having an effective communication plan in place. The IMO has handled this relatively well, but CMA CGM has done itself a disservice.

The company’s initial response was to deny that it had been targeted. It was not until Lloyd’s’ List presented it with a copy of the ransom note that it admitted the attack.

It then went quiet for more than 24 hours, with no information available on either the one functioning website it had, or on social media.

This may be considered as a minor problem for reporters, but it was not just journalists that could not get information from the line. Its customers, too, were sailing through uncharted waters.

One large customer spoken to by Lloyd’s List could not get a response from his key account manager in Marseille. Another said he had no idea what was going on. Tellingly, another, when asked about the situation he was facing with the line, simply said: “F**king CMA CGM.”

The IMO, on the other hand, has been quick to update its Twitter account, following the same pattern as that used by Maersk, when it turned to social media to keep its customers informed of what was happening while its network was down.

Much of this problem can be attributed to a trend towards media management by companies sensitive to their reputations.

Shipping has hired public relations companies and executives not to shine light on their businesses, but to keep them in the shadows. Many in-house PR specialists seem to only be employed to say “no comment” on behalf of their masters.

But in today’s world, this is not an option. Facts will emerge. Under the EU, General Data Protection Regulation, if personal information is lost, stolen or made inaccessible, regulators must be informed.

Shipping companies would be better to follow the lead of Maersk and the IMO, and get out ahead of the story.

Claiming an external attack is an internal server problem is misleads customers. In the long run, it is better to be the transparent victim of a hack than win a reputation as an opaque company.

Related Content

Topics

UsernamePublicRestriction

Register

ID1130765

Ask The Analyst

Please Note: You can also Click below Link for Ask the Analyst
Ask The Analyst

Your question has been successfully sent to the email address below and we will get back as soon as possible. my@email.address.

All fields are required.

Please make sure all fields are completed.

Please make sure you have filled out all fields

Please make sure you have filled out all fields

Please enter a valid e-mail address

Please enter a valid Phone Number

Ask your question to our analysts

Cancel