Riviera Maritime Media
User Menu

New to Riviera?

New to Riviera?

Register or Login

New to Riviera?

Maritime Cyber Risk Management Forum

02 November 2020
09:00 - 18:00

How Prepared is the Maritime Industry for Future Cyber-Attacks? Recognising and Addressing the Risk

Vessel operations require the transfer of more and more diverse data to shore control centres. However, with opportunities come new threats too and ship operators need the assurance their data is always secure.

Ship operators and others need to look at cyber as a good reason to invest time and money not just out of fear, but out of a desire to equip the business with an infrastructure fit for the future.

The 5th Maritime Cyber Risk Management Forum, in association with and hosted by Norton Rose Fulbright, creates a much-needed dialogue focused on evolutive and disruptive risks of a cyber-attack.

As cybersecurity is becoming an ever more pressing concern for ship operators, the Forum provides an opportunity for all parts of the maritime sector, from shipowners, other insureds to insurers themselves, to grapple with the size of the threat from cyber-attacks in order to prevent disruption of service and loss of revenue.

Early bird delegate rate - £625
Ends 22 September 2020

Standard delegate rate - £750


Register interest


“Very nice format and good speakers.”
Elisa Cassi, Lloyd’s Register

“Great networking, interesting topics and lovely location.”
Maggi Rose, P&O Ferries

“Informative with some good insights.”
Jason Skaife, DFDS

“Useful presentations with relevance in day-to-day and planning actions.”
Chris Massie, NYK Line Group

“Very balanced.”
Bob Ball, BP Shipping

“Very informative.”
Harprett Juttla, Cabinet Office

“Worthwhile content from industry.”
Walter Wilson, V.Group

“Very interested in all sessions in particular the case studies relevant to ships.”
Chen Wang, China Classification Society London


Event partner:

Paul Dowling - Brand Manager
Linked InTwitterFacebookeCard


Linked InTwitterFacebookeCard


How Prepared is the Maritime Industry for Future Cyber-Attacks? Recognising and Addressing the Risk

Register interest


08:15 Registration and coffee (ground floor)

08:50 Welcome address from the conference chairmen
Philip Roche, Partner, Norton Rose Fulbright
Edwin Lampert, Head of Content, Riviera Maritime Media

09:00 Keynote: Maritime and Cybersecurity coordination

  • Specificities of the maritime domain – the French cross sectorial approach.
  • Similarities between digital and maritime approaches.
  • Global maritime cyber coordination – avoid the fear to share.

Bruno Bender, Maritime Cybersecurity coordinator, Secretary for the Sea - France


This session provides up to date information on legal, regulatory and liability considerations and gives you the tools you need to build and develop an effective risk management strategy.

Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

09:15 Legal and regulatory compliance in the cyber incident response context

  • Positive obligations under GDPR and how to comply with them in the cyber incident context.
  • Other obligations which may be of relevance, including NIS.
  • Going beyond “mere compliance” – how best to respond to cyber incidents in a way which mitigates.
  • the risk of losses and liabilities more generally?

Steven Hadwin, Head of Operations – Risk Advisory and Cyber Security, Norton Rose Fulbright

09:35 Cyber risk management - the guidelines on cyber security onboard ships

  • Identifying roles and responsibilities.
  • Identifying systems, assets, data and capabilities that pose risks to ship operations when disrupted.
  • Protect, detect, respond and recover: implementing risk control measures and contingency plans to provide resilience and restore systems vital for ship operations impacted by a cyber incident.

Michael Hawthorne, CEO, Cobweb Cyber

09:55 Insurance cover for liability and property damage arising from a cyber incident

  • Distinguish between the different aspects of the term “cyber”.
  • Ensure that you are acting with reasonable care in your approach to managing cyber risk.
  • Exclusion clauses - What losses are and aren’t covered by Norwegian Hull Club, which could arise from a cyber incident, and are not in the nature of third-party liabilities arising from the operation of the ship?

Leif Olav Sætenes, Senior Claim Handler, Norwegian Hull Club
Morten Aalén, Head of Loss Prevention and Emergency Response, Norwegian Hull Club

10:15 Q&A

10:35 Coffee and networking break in the exhibition area (Terrace Suite, 9th floor)


As there still seems to be an attitude of ‘it won’t happen to me’, How many shipping companies have understood the risks that satellite and onboard equipment bring? These case study presentations allow you to understand what ship owners are doing and not doing. How are they trying to cope, and which measures are they taking?

Session Chairman: Philip Roche, Partner, Norton Rose Fulbright

11:15 Vendor Risk Management: Overcoming Today’s Most Common Security & Privacy Challenges
Managing third-party vendor risk before, during and after onboarding is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to secure sufficient vendor guarantees and effectively work together during an audit, incident – or much more. In this session, we’ll breakdown a six-step approach for automating third-party vendor risk management and explore helpful tips and real-world practical advice to automate third-party privacy and security risk programs.

  • Review the drivers and challenges organizations face when managing third-party vendor risk
  • Identify priorities before, during and after vendor procurement
  • Takeaway a six-step approach for automating the third-party vendor risk lifecycle
  • Hear real case studies from privacy experts on how to practically tackle the third-party vendor risk

Jacob Eborn, Privacy Consultant, OneTrust EMEA

11:35 Implementing the lessons learned from a major cyber attack

In June 2017 Maersk suffered a major NotPetya cyber-attack, this session explains lessons learned, and how they are now being applied within Maersk.

  • How the Cyber-attack happened?
  • How was it dealt with and what steps were taken?
  • What were the consequences?
  • What were the cost implications?
  • What was the follow up to the cyber threat? Contingency plan.

Andy Powell, CISO, A.P Moller – Maersk

11:55 Cyber lessons learned from Industrial Control Systems - What can the maritime industry learn from the ICS

  • What changes have happened in the post-Stuxnet era ICS world and the what challenges control system asset owners are facing?
  • What kind of approaches are the advanced manufacturing companies using in protecting their critical control systems?
  • What are the main challenges we still face nearly 10 years after Stuxnet?
  • How can maritime industry best utilise the ground work laid by the ICS community? ICS standards, frameworks and best practices applicable to the maritime industry.

Janne Taponen, Maritime Cyber Security Expert, F-Secure

12:15 Lunch


Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media


12:35 What is the magnitude of cyber risk?
Based on a cyber-attack scenario, you will be able to discuss the possible outcomes and solutions and highlight the complexity of the maritime cyber security sector. This will give you the opportunity to verify your own ideas and plans:

  • The problem is now, but what is the real magnitude of cyber risk?
  • Business security challenges to the exponential growth of the IoT. Are you on the verge of being attacked?
  • How do we convince the main boards of shipping companies to take cyber risks seriously?
  • Find the right balance and allocate a budget to reduce risk exposure and implement it.

Kieren Niĉolas Lovell, Incident Management Specialist, Tallinn University of Technology
Jack Lienert, mentor, CyberNorth, Startup Wise Guys and Simulation Centre Member, Estonian Maritime Academy
Elisa Cassi, Product Manager, Lloyd’s Register EMEA

Ken Munro, Consultant, Pen Test Partners
Merike Kaev, Data Protection Office, Swedbank Group Estonia


13:35 Networking lunch in the exhibition area (Terrace Suite, 9th floor)


This session will help ports and maritime operations understand and appraise the cyber security threats, balance digital opportunities with new cyber threats and raise cyber security to an acceptable level.

Session Chairman: Philip Roche, Partner, Norton Rose Fulbright


14:45 Innovative Risk and Security Management solutions for protecting European Ports and their Supply Chains

  • How can we enhance the security and resilience of the ports’ critical infrastructures?
  • How can we help port operators anticipate and withstand potential cyber, physical or combined threats?
  • How can we effectively estimate risks in port supply chains?
  • Are there appropriate efficient and effective tools that provide risk and security management?

Prof Christos Douligeris, Department of informatics, University of Piraeus
Dr Spyros Papastergiou, Technical Manager, University of Piraeus Research Centre

15:05 Resilience planning - Maritime ports to up their game in cybersecurity

  • A solid cyber security plan is a must in any modern port. How ready are you?
  • Identifying actions for when a cyber event will occur.
  • Planning for protection against threats or categories of threats.
  • Creating a response plan that clarifies action and provides an incident response team.

Daniel Ng, CEO, Cyber Owl

15:25 Using AI for Real-Time Threat Detection across OT & IT

  • How to use artificial intelligence to detect emerging threats and latent vulnerabilities.
  • Achieving 100% visibility across OT, IT and Industrial IoT.
  • Real-world case studies of stealthy cyber-threats identified early by cyber AI – before a crisis occurred.

Lola Grundmann, ICS Cyber Security Manager, Darktrace

15:45 Q&A


16:05 Coffee and networking break in the exhibition area (Terrace Suite, 9th floor)


What should the industry do to reduce cyber risks? Should cyber security responsibilities be moved up a level and from IT to Operations? A change in approach to the problem needs to occur. Stakeholders are spreading the risk awareness beyond those who are ready and engaged to those who aren’t to defeat the cyber threat.

Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

16.45 Panel Discussion: The weakest link: the role of human error in cybersecurity

  • The importance of crew awareness to achieve more integrated risk management.
  • What tools are available to train staff onboard and ashore?
  • What resources and capabilities do ship companies have?
  • Security through collaboration - Combining ideas and experiences, such as a global Cybercrime reporting portal, for the benefit of the maritime community.
  • What are your legal obligations as a shipowner?

Panellists include:
Kewal Rai, Policy Adviser for Cyber Security, Department for Transport
Philip Roche, Partner, Norton Rose Fulbright
Anu Khurmi, Director, The Maritime Cyber Emergency Response Team (MCERT), Templar Executives
Dr Rikke Bjerg Jensen, Information Security Group, Royal Holloway, University of London


17:10 Q&A


Session Chairman: Edwin Lampert, Head of Content, Riviera Maritime Media

Riviera Maritime Media Cyber Security Hub serves as an innovative start-up and pioneers’ incubator, designed to help develop ideas and early stage projects by tapping into the knowledge, skills and connections of attendees. Riviera Maritime Media Cyber Security Hub is for people who care about cyber technology and risk, to get fresh ideas, identify new opportunities and expand business and professional networks.

17:20 Challenges in maritime incident response
Take the journey as we explore responding to a cyber incident in 2 hypothetical scenarios involving a vessel at sea and at a port.

  • How did the vessel get impacted? What actions can we take? Where do liabilities land?
  • What preparations can be taken?

Jason Dely, Director, ICS and Critical Infrastructure, Cylance
Laura Johnson, Cyber Practice Head, Chaucer

17:40 The CIRM Cyber Risk Code of Practice for Providers of Marine Electronic Equipment and Services

  • CIRM will soon release a voluntary Code of Practice and associated Guidance to encourage implementation of cyber security best practice by CIRM member companies.
  • The Code of Practice is based on the principle that cyber risk management is a chain of trust where every participant is responsible for providing the elements needed to establish a complete chain of cyber security.
  • This presentation will introduce the 6 guiding principles for Vendors of Marine Electronic Equipment and Services to establish their role in the chain of trust for a secure digital maritime environment.

Philip Lane, Technical Officer, CIRM

18:00 Q&A

Closing remarks from the conference chairmen

Edwin Lampert, Head of Content, Riviera Maritime Media
Philip Roche, Partner, Norton Rose Fulbright

18:15 Drinks reception in the Terrace Suite (9th floor) sponsored by International Registries, Inc

19:30 End of forum


*Programme subject to changes/amendments

Linked InTwitterFacebookeCard


Linked InTwitterFacebookeCard

Partnering with the Maritime Cyber Risk Management Forum represents an unrivalled opportunity to engage with your target audience in a focused setting

Whether your goals are to:

  • Increase your market share
  • Meet new and existing customers
  • Launch a new product or service
  • Increase your brand awareness
  • Penetrate a new market sector
  • Enforce and maintain position in sector
  • Deliver your message in a focused environment

A broad range of sponsorship and exhibition opportunities means that we have the package to suit your needs and your budget.


If you are interested in sponsoring or exhibiting at the Maritime Cyber Risk Management Forum, please contact:


Paul Dowling, Commercial Manager

T: +44 (0) 20 8370 7014

M: +44 (0)7960 887222

E: paul.dowling@rivieramm.com


Event Partner:


Linked InTwitterFacebookeCard


Linked InTwitterFacebookeCard

Who’s attending so far

BP Shipping


China Classification Society

Class NK

Digital Container Shipping Association
GT Maritime

Helix Well Ops

K Line LNG Shipping

Saga Cruises

Linked InTwitterFacebookeCard


Linked InTwitterFacebookeCard

Norton Rose Fulbright LLP

3 More London Riverside



United Kingdom


How to get there?

London Bridge Station

By Tube: Jubilee and Northern Lines

By Train: Southeastern, Southern, Thameslink

By Bus: 141, 188, 343, 42, 43, 47

Linked InTwitterFacebookeCard

Past Events

Linked InTwitterFacebookeCard

June 2019:

Maritime Cyber Risk Management Forum, London



Linked InTwitterFacebookeCard

Quick Links

Marketing Solutions
Copyright 2020 Riviera Maritime Media Ltd.

London Office

Riviera Maritime Media Ltd,
Mitre House, 66 Abbey Road,
Enfield EN1 2QN, UK
Phone: +44 20 8364 1551
Email: info@rivieramm.com

Singapore Office

Riviera Maritime Media Singapore Pte Ltd,
1 Fusionopolis Place, 03-20, Galaxis,
Singapore 138522
Phone: +65 6809 1278
Email: info@rivieramm.com
Linked In