
Michael Falkenrath

Thursday, September 13, 2018

During my first visit to one of the largest cruise ships in the world, I was amazed not only by the enormity of the vessel but more so by the “logistical ballet” that occurs on each embarkation day. With the capacity to host over 6,000 passengers and 2,000 crew, it’s amazing that these vessels can be re-stocked and back at sea for their next cruise in less than 12 hours!

As I’ve learned more about these ships and the marine systems that control them, it’s fair to say that they are truly floating cities in which IT and OT systems converge. More than a dozen complex systems, managed by multiple vendors, are responsible just for controlling the ship: power generation, propulsion, navigation, and fuel management, to list a few. A further challenge is that these systems normally run on older operating systems, do not have security patches applied, and run no security software such as antivirus. This creates a huge risk. As one could imagine, these systems are very sophisticated and require highly skilled individuals to develop, maintain and troubleshoot them. It’s unrealistic that any single ship, or any single cruise line for that matter, has the in-house expertise to deal with every problem that may arise. Because of this, it’s essential that vendors be able to access these systems when their expertise is needed to resolve an issue. Unfortunately, most traditional remote access solutions do a poor job of providing fine-grained access policies that securely segment the vendors while also cloaking and isolating their systems from the underlying network. For this particular cruise line, a third-party cybersecurity audit identified the lack of vendor segmentation as a major risk.

The cruise line started looking for a solution to better segment, isolate and protect each of these critical systems while implementing fine-grained, device-level access policies to manage and control authorized access. Another requirement was that the solution had to be easy to deploy and non-disruptive to the current network. Taking a ship out of production was not an option, as the ship “down time” would mean a huge loss in revenue. This presented the perfect opportunity for Tempered’s IDN solution. During an onboard pilot earlier this year, we were able to show that the Tempered Networks solution could meet all their requirements with very little change to their existing architecture. The solution was also deemed the most cost-effective from both a CapEx and OpEx standpoint. We were able to protect, segment and provide vendor-specific granular access without changing any IP address or network setting on any of the involved systems. Because of the flexibility the IDN fabric provides, we can install HIPservices in-line between the critical systems and the existing network without making any changes to the systems themselves. This allows a transparent deployment as well as an easy back-out should any issues arise. With the new architecture, security enforcement has been pushed down from the network perimeter to the host level. Now only cryptographically verified and trusted devices can access, or even see, the critical systems, and granular access policies are based on device-level trust rather than IP addresses. The solution also provides end-to-end encryption, so all communications are protected within HIP encryption tunnels. This is truly device and network security hardening via micro-segmentation made easy.
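To make the policy model concrete, here is an added example of identity-based micro-segmentation written for this page; it is not Tempered Networks code and does not reproduce the HIP protocol. It models the part the paragraph describes: each device is known to the fabric by a fingerprint of its cryptographic identity (a hash of a public key, in the spirit of a HIP host identity tag but not the standard derivation), policy rules reference those identities rather than IP addresses, and a device that is not in the trusted set is dropped before any policy lookup, so it cannot even reach the protected host. Device names, the sample keys and the port numbers are all constructed placeholders.

```python
import hashlib
from dataclasses import dataclass

# Constructed stand-ins for each device's public key. In a real fabric these
# would be the devices' actual host identity keys; here they are placeholder bytes.
SAMPLE_KEYS = {
    "propulsion-plc": b"constructed-key-propulsion",
    "nav-server": b"constructed-key-nav",
    "vendor-propulsion-laptop": b"constructed-key-vendor-a",
    "vendor-nav-laptop": b"constructed-key-vendor-b",
    "unknown-host": b"constructed-key-unknown",
}


def identity_of(pubkey: bytes) -> str:
    """Derive a device identity from its public key.

    Hypothetical derivation (SHA-256 fingerprint, truncated). The point is that
    the identity is bound to key material, not to the IP address the device
    happens to use, so re-addressing the network does not change the policy.
    """
    return hashlib.sha256(pubkey).hexdigest()[:16]


@dataclass(frozen=True)
class Rule:
    src: str       # identity of the device opening the connection
    dst: str       # identity of the protected system
    dst_port: int  # service on the protected system


@dataclass
class Policy:
    trusted: frozenset          # identities the fabric has verified and enrolled
    rules: frozenset            # explicit allow rules; everything else is denied

    def decide(self, src_id: str, dst_id: str, dst_port: int) -> str:
        # Unverified peers are dropped before any policy lookup: the protected
        # host is invisible to them, which is the "cloaking" property.
        if src_id not in self.trusted or dst_id not in self.trusted:
            return "drop-unverified"
        if Rule(src_id, dst_id, dst_port) in self.rules:
            return "allow"
        # Verified but not authorized for this system/port: deny by default.
        return "deny-policy"


def build_policy() -> Policy:
    """Enroll only the ship systems and the two vendor devices; one vendor per system."""
    ids = {name: identity_of(key) for name, key in SAMPLE_KEYS.items()}
    trusted = frozenset(ids[n] for n in (
        "propulsion-plc", "nav-server",
        "vendor-propulsion-laptop", "vendor-nav-laptop",
    ))
    rules = frozenset({
        # Propulsion vendor may reach the propulsion PLC on its service port only.
        Rule(ids["vendor-propulsion-laptop"], ids["propulsion-plc"], 502),
        # Navigation vendor may reach the navigation server over HTTPS only.
        Rule(ids["vendor-nav-laptop"], ids["nav-server"], 443),
    })
    return Policy(trusted=trusted, rules=rules)


def evaluate_flows() -> dict:
    """Evaluate a handful of constructed flows and return the decision for each."""
    ids = {name: identity_of(key) for name, key in SAMPLE_KEYS.items()}
    policy = build_policy()
    flows = {
        "propulsion-vendor -> propulsion-plc:502":
            (ids["vendor-propulsion-laptop"], ids["propulsion-plc"], 502),
        "propulsion-vendor -> nav-server:443":
            (ids["vendor-propulsion-laptop"], ids["nav-server"], 443),
        "propulsion-vendor -> propulsion-plc:22":
            (ids["vendor-propulsion-laptop"], ids["propulsion-plc"], 22),
        "nav-vendor -> nav-server:443":
            (ids["vendor-nav-laptop"], ids["nav-server"], 443),
        "unknown-host -> propulsion-plc:502":
            (ids["unknown-host"], ids["propulsion-plc"], 502),
    }
    return {label: policy.decide(*flow) for label, flow in flows.items()}


if __name__ == "__main__":
    for label, decision in evaluate_flows().items():
        print(f"{decision:16} {label}")
```

The three distinct outcomes are what a defender would want to verify after such a deployment: a vendor reaches exactly the system and port it was granted, the same vendor is denied on any other system or port even though it is enrolled, and a device the fabric has never verified is dropped without learning whether the target exists.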

Hoping your next cruise is aboard a Tempered-protected ship!

Bon voyage.