The Importance of Cyber Security in Turkey’s Shipping Industry

KILINÇ LAW & CONSULTING | View firm profile

Cybersecurity has become of the most immediate and pressing problems affecting businesses everywhere. Due to the reason that cyber risk has no borders, it makes the need for comprehensive and effective cybersecurity paramount in every jurisdiction and in every sector.

This is inevitable in Maritine Sector. Given the critical requirement for the protection against potential cyber attacks, rapidly evolving technology is being developed to serve particular risks that apply in the United States of America’s maritime industry. This aims to increase efficiencies and competitiveness in incident response when faced with the challenge of specific cyber risks that make the shipping industry particularly vulnerable.

A recent survey, which canvassed leading figures in the maritime industry in the United States, found that 38% of respondents had experienced cyber attacks at their company in the past year. Nevertheless, 69% believe that the US maritime industry is prepared in terms of cybersecurity, although only 36% feel that their company is prepared to prevent a data breach.

There is a distinct divide in response according to size: the larger the company, the greater the sense of preparedness. The majority of those at large organisations indicate that they are prepared to resistant a cybersecurity attack, while small and medium-size companies are far less prepared to respond effectively. Only a tiny percentage of respondents at small companies (1 to 49 employees) and just 19% of those at mid-size companies (50 to 400 employees) believe they are prepared.

Turkey has a thriving shipping sector that is continuously growing each year. The shipbuilding, ship breaking and recycling industry is one of the fastest growing sectors in the economy employing more than 300,000 people. However, unlike the US and the EU, there is no dedicated law that governs cybersecurity in Turkey, making shipping companies even more potentially vulnerable to cyber attacks.

Instead, there is the Data Protection Law No. 6698 (DPL), which was introduced in 2016. This serves as an umbrella law for the protection of all personal data by any means, including cyberspace. It contains relevant provisions of international instruments while sectorial regulations form a legal patchwork for cybersecurity. However, there needs to be more specific domestic legislation that directly regulates illegal cyber activity.

Accordingly, Turkey needs to implement regulations that protect every company in the shipping industry from such pernicious attacks.