A Conversation on Maritime Security with BlackBerry Threat Intelligence

May 16, 2024 · 40 min

Episode description

In this sponsored conversation, I speak with Corey Ranslem, CEO of Dryad—and the resident expert on Maritime Attacks—and Ismael Valenzuela, VP of Threat Intelligence and Research at BlackBerry.

We talked about all things Maritime Security, and I learned a whole lot from the conversation.

Digital Hijacking at Sea: Unveiling a Cyber Attack Scenario in the Red Sea

BlackBerry Quarterly Global Threat Report — March 2024

Maritime Cyberthreats: A Growing Risk to Global Trade (blackberry.com)

00:00:00 Introduction and Guest Welcome
00:00:30 Maritime Security Overview
00:01:15 Baltimore Incident Discussion
00:02:00 Legacy Systems on Ships
00:03:20 Connectivity Challenges at Sea
00:04:10 Cyber Threats in Maritime Industry
00:05:00 Post-Accident Cyber Investigations
00:06:00 Potential Cyber Attacks on Ships
00:07:30 Threat Scenarios and Models
00:08:45 USB and External Media Threats
00:09:30 Evolution of Navigation System Connectivity
00:10:30 Crew Connectivity and Cyber Risks
00:11:30 Lessons from Other Industries
00:12:15 GPS Spoofing and Navigation Interference
00:13:30 Digital Hijacking of Ships
00:14:45 Economic Disruption via Cyber Attacks
00:16:00 Financial Motivation Behind Attacks
00:17:15 Ransomware in Maritime Context
00:18:30 Panama Canal and Economic Impact
00:19:30 Cyber Security Maturity in Maritime Industry
00:21:00 Legacy Systems and Geopolitical Interests
00:22:15 Challenges with Security Solutions at Sea
00:23:30 Historical Cyber Incidents in Maritime
00:24:30 GPS Spoofing Techniques
00:25:15 International Maritime Organization Standards
00:26:30 Criminal Trends and Cyber Attacks
00:27:45 Open Source Tools and Threat Actors
00:28:45 Information Sharing in Maritime Industry
00:29:30 Real-World Examples of Cyber Incidents
00:31:00 Cruise Ships and Large Yachts Security
00:32:15 Autonomous Vessels and Cyber Protection
00:33:30 Future of Autonomous Vessels
00:34:15 Learning and Improving Cyber Security in Maritime
00:35:30 Role of Threat Intelligence in Maritime Security
00:36:15 Optimism for the Future of Maritime Security
00:37:30 Industry Awareness and Education Efforts
00:38:30 AI Integration in Maritime Security Solutions
00:39:15 Conclusion and Final Thoughts

Transcript

S1

All right. Welcome to Unsupervised Learning. This is Daniel Miessler and happy to have on today Corey Ranslem, CEO at Dryad, and Ismael Valenzuela, VP of threat research and Intelligence at BlackBerry. Welcome to the show.

S2

Thanks for having me.

S3

Thank you, thank you, Daniel.

S1

Awesome. So we want to talk about maritime security today. And it's good that we have Corey here because I did not feel, uh, qualified to be an expert there. So good to have everyone on and good to see you again, Ismael.

S3

You'll see again, Daniel.

S1

Well, very cool. So, um, I think the reason we're talking about this is because of the incident that happened in Baltimore. And I guess the big part of my questions here are how does the maritime stuff generalize out to other areas? Right. Um, so so with the Baltimore incident, what are the things we should be thinking about with maritime security? Can you kind of give us an overview, Corey?

S2

Sure. That that's a that's a really good question because maritime in my opinion, and I think a lot of people in the industry, when you look at cyber security, is probably about 10 or 15 years behind the rest of the world. So there's a number of issues to look at. So when a little bit of background, Daniel, when you build a ship, that ship is usually going

to be in service for 25, 30 plus years. And so the systems that are on that vessel, when it's built, you can imagine there's a there's a pretty interesting evolution of technology through the life of that ship. And you can't always replace those systems. So there are still vessels out there today that are operating with Windows XP computers, because those were the systems at the time when the ships were built that are the controlling systems for the

engine control systems or other vital systems on board. So there's really a number of things that you want to look at from a threat perspective on board the vessel and the legacy systems are really a big part of that. Now, the IT infrastructure on a vessel, it's much easier to upgrade that. But some of what you call the OT or the, the, the the other technology on board, um,

is not as easy to upgrade. So that's one of the first things to look at with the vessel is, is what can you do to protect the the older kind of OT systems that are operating and then also the newer IT systems. And all of this has to work in an environment where there's sometimes there's no connectivity whatsoever. Um, the ships in the world will pass through regions where because of weather or other issues, they may lose connectivity

for for a time period. So it's very interesting when you look at trying to apply a protection scheme to a vessel, it's very different than when you try to design that for an organization that operates on land.

S1

Yeah, that makes sense.

S3

It's interesting, Daniel, because, you know, you mentioned Baltimore before and obviously that's that's what's what's in everybody's head, right? Because of what happened recently. But Corey and I, we've been talking about this before the Baltimore incident. And we're like working on hey, you know, let's look at some threat models. I wasn't an expert. I'm not an expert in maritime security. But I was talking to to Corey well before that incident. When that incident happens, like everybody was,

you know, thinking about that. But but this is something that, you know, in this case, Dryad has been working on for quite some time. And we, as you know, partners at BlackBerry, we have been looking into as well before the Baltimore incident. Right. Maybe we can talk about some other incidents that have happened before. Well, that that's.

S2

A that's an interesting one, Ismael. Because when that incident happened on my phone started ringing off the hook because that was the first thing that most people thought is with, with the ship in Baltimore. Oh, this is a cyber attack 100%. And we find out, obviously, that it wasn't that this was more mechanical and other things that were happening, but it was just interesting that I was getting calls from people that I was not expecting to get phone

calls from asking, was this a cyber incident? And at the time, the majority of the intelligence that we had was there was just not anything to indicate that it was. And then that panned out. But there's been other incidents. We know that cyber has been related. And one of the things that I find really interesting in the maritime is post accident investigation with maritime. They're they're bringing in cyber experts all the time. And and we've never seen

that before. And three, four years ago if there was an incident okay. We know probably mechanical or some other issue. But now as, as kind of those post incident investigations, you're seeing the cyber component or forensic cyber experts that are now in part of those investigative teams to say, hey, was there the potential of a cyber incident? And and

it exists. I mean, Ismael and I talk about this quite a bit, but that the potential of a cyber attack in maritime, um, we're just counting basically to time as, as when it's going to happen. It's it's definitely something that we see and we continue to try to provide information to, to our clients and stakeholders on what that threat landscape looks like and how prevalent this threat is. And it gets it gets more and more prevalent every single day.

S1

Yeah. I remember seeing a long time ago, uh, some aircraft carrier and it was running NT4 and I was like, oh, that's that's really scary. Um, so what what are the threat scenarios look like that you put together? Both of you. If you look at the actual scenarios themselves, what do they start to look like? You've got like malicious. You've got like, you tell me if I'm wrong, but you've got convincing some sailor to bring on a USB drive or something, which hopefully they would have access to. Um,

ports would be limited. But we all know the world is not a perfect place, so perhaps, um, yeah, external media coming onto the ship that could possibly compromise. Um, I imagine there's a whole bunch of systems that are internet connected, and I'm sure there's supposed to be segmentation, but that's another avenue. But like, what is that threat model actually look like?

S2

That. So I think that that trying to get someone to bring a USB on board that, that that's pretty difficult to do. Most of the mariners that that we've talked to have that basic training so they know, hey, this is I'm not going to bring this media on board. It's interesting because up until about the last three years, that's how the majority of the critical systems were updated, is the manufacturers would actually have to send a USB or a CD-ROM to the vessel to update the

critical navigation systems and everything. And it was we were actually just talking about this internally, and it was really funny about 3 or 4 years ago that the major navigation providers for vessels were telling people, don't connect your bridge navigation systems to the internet. If you do anything, it needs to be trusted. Our updates come out like this.

It was very specific. Well, fast forward to where we are today, and all of those same bridge navigation manufacturers are telling all of their vessels they have to have their bridge navigation systems connected to the internet now, because that's how the live updates are done. And it's a much more efficient process to be able to do that.

So it's interesting to see the change that's just taken place in the industry in the last 2 or 3 years with now, systems that were not connected to the internet are now being connected to the internet, and not just navigation, but the engine control systems, the generator, the

engines themselves. When you look at cargo vessels, the cargo handling side of it, the ballast water systems, I mean, it's it's really interesting to see the number of systems and the connectivity on vessels that was just not prevalent even 2 or 3 years ago. So you really didn't see that threat where that's why we've seen a huge jump in the exponential potential of that as just because

of the number of systems on board. And the the other interesting piece is, is post-Covid shipping companies, the cruise lines, large yachts are really having a difficult time trying to get crew members on board with little or no connectivity. Shipping of the past. Again two three years ago, crew members knew that there was no connectivity or if they wanted it, they would have to pay a pretty exorbitant

amount to be able to get that. Now it's becoming standard package on a lot of these vessels to have enhanced internet capabilities just for the crew. So you bring that dynamic that we didn't have a few years ago into the threat picture. So it's rapidly changing the different access points that could become vulnerabilities on board a vessel. And almost regardless of the type, whether it's a cargo ship or a cruise line or a large yacht.

S1

Yeah. The one similarity I think, I think I see is ICS or, um, operational technology. It's almost like because we have been learning this lesson, albeit slowly, is securing SCADA systems, uh, which I've done a bunch of assessment work on. They were traditionally completely isolated, and then they ended up not being isolated, and more and more internet connected tech comes in and those environments are not used to that. So maybe there's some lessons we can get

from that industry. I'm just skeptical that those last those lessons actually transfer. Well, they tend not to.

S3

And I was going to say even like autonomous vehicles. Right. We see the same kind of idea like vehicles that they need to be connected time, right. To receive, uh, instructions and to send telemetry to receive, you know, information. Um, but if you think about other like, older threat models. Right. We were discussing before. Uh, GPS spoofing, for example. Right.

I mean, that's usually using, like, traditional technology to be able to redirect a vessel, right, to, to, to a different place, like, can that be done in this way by manipulating this, uh, this data. Right, that we're navigation data by, by maybe turning a ship, like, sideways and blocking the entrance of a port. I know that's actually a scenario, right? That has been, uh, evaluated. What could happen if a vessel enters the port of New York

and then turn sideways and blocks? Uh, not accidentally. Yeah, that.

S1

Yeah, I wanted to hit on that, basically. What what are the, uh, not the threat scenarios for getting in, but what what could people do potentially, uh, to do that? One would just, I guess be. Yeah, blocking shipping actually seems like one of the worst ones. What else could you possibly do?

S2

I could take the first part of that if you want because that it's, it's this is this is really interesting. So I think there's a couple of things. Number one is, is to be able to, uh, spoof the vessel's navigation system in a tight maneuvering space, like the entrance to a canal or port. That is something that before the crews on board. These ships are very intelligent people. They are very good at their craft and what they're doing

in running navigation and engine systems. But if you put them in a, in a, in a confined, um, fairway, entry point into a canal or a port, they still have to take time for their brains to process that something is wrong and then be able to react to that.

And by the time that happens in a narrow channel, it's really difficult for them to counter what's happening, because as you saw in Baltimore, these very large cargo ships, even traveling at five, six, seven knots, have so much momentum that it takes a long time to stop these ships. So in in a narrow fairway, that's a really interesting scenario. One of the other scenarios that we've looked at is the actual kind of digital hijacking of the ship itself.

So the ship may be in the middle of the ocean. Hackers take control of of engineering and navigation systems and block the crew out from being able to do anything, and then basically digitally hijacking the ship in the middle

of the ocean, asking for a ransom payment. That is something that we really haven't seen yet, but we think that that is going to become more and more prevalent in the maritime industry as we see all of this connectivity, all of these things happening, that the prevalence of this may start to increase because you look at 90 plus percent of all the goods that we buy are on a ship at some point in your life. So that

is a huge part of global GDP. So even one ship with 3 or 4000 containers, that that's a lot of value of cargo, that's that's moving in the in the ocean. And you know, don't even think about like some of the supertankers with oil on board how much

those are worth. So there's a lot of value that's, that's floating around out there that that we think that this, this digital hijacking could potentially become an issue or even precede a physical attack like what we've seen in the Red Sea and the Gulf of Aden.

S1

Okay. So so what does that what does that actually look like? That is basically economic disruption. And also you have to worry about the actual crew that's on board. But they would in that sense they would only be affecting the cargo that was on that one ship along with the crew. And I guess they would just be out in the ocean and say. What? We're not going to deliver the stuff. We're going to dump it in the sea, and also we're going to hurt the crew. Is that the scenario?

S2

No, not necessarily that I think the scenario is more along the lines, Daniel, of of of an attacker taking control of the ship. And these guys are financially motivated unless it's a state actor for the most part in the maritime it's 100% financial motivation. So what we would see is that they would take control of the ship and then ask the owner or management company, hey, you need to pay us 10 million Bitcoin for a 10 million in Bitcoin for us to release the ship back

to your control. So I don't think it's anything to potentially dump the cargo or hurt the crew. It's more along the lines of what financial gain can we get out of this very quickly and and be able to get a fairly quick payday, just like what we've seen in other industries? Hey, we've got all your data, we've got all of your your websites are down. We have all of this. In order to get it back. You're going to have to pay us so much in ransom

and we'll give you your your ship back. That's kind of the scenario that's interesting.

S1

It it, uh, tripped me up because in that case, it's really stuff. And it's really people that you are ransoming which transfers to the physical world. But the attack you're talking about is actually technically ransomware in the cyber world. Sure. Yeah. Yeah, yeah. Fascinating.

S3

And just to put things into perspective, I was mentioning to Corey, uh, before that, uh, two weeks ago, I was at the Panama Canal. Right. And it was very enlightening because, you know, we have been working together on this for quite some time, and I've been doing a lot more reading on maritime transportation, maritime security. And, uh, I didn't realize, I think vessels pay like up to $1.5 million, right, to go through the, uh, the Panama Canal.

And when you look at the cost of that's obviously very high, but some of these vessels, they can have up to 13,000 containers, right, Corey? Or even more.

S2

With some of the new super container ships, you could see 20,000 containers. So what's a 1 million or a $1.5 million cost divided by 13,000 is.

S3

100 bucks, right?

S2

Yeah, it's 100 bucks a container. Yeah.

S3

So we don't want obviously we don't want, uh, to give, uh, ideas right to the bad guys, but obviously they know this already. And we're talking about, uh, minimum cost per container. If somebody had to do this and something that they would probably say, you know what, let's pay it because we need to release these goods and we need to to move forward.

S1

Yeah, that. That makes sense. So are there any, uh, benchmarks here? Like you talked about? One thing with which Ismael and I might have talked about as well. When you have, like, traditional network security, you learn all these lessons. It takes a very long time for people to learn these lessons. Then you go to web security and nobody knows those lessons. So you basically need to spend another decade almost starting over because none of the knowledge transfers.

But in terms of like all these different spaces, you know, web, mobile, all these other cyber spaces and I would say other industries as well. How does maritime compare? Like where would you put us on like a maturity model for maritime cybersecurity?

S2

I. I want to hear what Ismael has to say, but I, I think honestly, from a cybersecurity in general, when you look at the maritime industry and specifically at vessels, is probably about 10 or 15 years behind the rest of the world, um, on this, it's just not a problem. The industry up until the last few years has really been awake to the fact that, hey, this is something

that we need to look at and deal with. We we are talking to clients now that we never thought we'd be talking to about cybersecurity and protection, and people are realizing in, in the, in the global maritime industry that there's a cost to be able to do business. And now cyber protection is part of that cost. But if you look at what the costs are to mitigate, a potential issue could be 10 or 15 times what the cost is to provide some of the basic protections.

So the industry, it seems like, is now really waking up to the fact that this could be a real potential threat. And the threat can be sitting almost, almost anywhere in the world. But our feeling has been that the industry is is pretty far behind the time when it comes to the type of of knowledge and protection and things that the industry is doing to employ to be able to mitigate this. Now, some people are on

the other end of the spectrum. There's companies that that we've dealt with that have incredible protection and have standards that meet the rest of the world. And then there's other companies that don't even have a firewall operating on board their ships and are running old legacy systems, and networks aren't bifurcated. Some of the basic things that you know, that you would see, um.

S3

It's very interesting that it's not very different from what we see in other critical, uh, sectors. Right. And I'm thinking, uh, transportation in general or factoring where you have, uh, sometimes, you know, small companies with not a lot of employees, but they, they have a, you know, really high revenue and they're being ransomed on a regular basis or they're

being targeted by, uh, threat actors. Um, you know, we've been looking at, uh, typhoon activity recently, uh, as probably know, an actor related to, uh, you know, China and how they're very interested in, in critical infrastructure, especially in the US, like CISA has been reporting about this, uh, in the last few months. And we see on a regular basis, on a daily basis, activity coming from Volt Typhoon targeting, um,

some of these critical sectors. So legacy systems, right. The interest, the geopolitical interest from threat actors, that makes an interesting cocktail. And if you add to that, that there is a lot of cybersecurity solutions today that they were not designed for these type of infrastructure. Corey touched on this before, uh, these ships, these vessels that are in the middle of

the ocean with as they have connectivity. Right? But it's GPS connectivity, low bandwidth, a lot of these security solutions, endpoint solutions, for example, they they rely on having a lot of, uh, a persistent connection, uh, where they can send a lot of data out and then do all, all of the analytics in the cloud and all of the AI, all the fancy stuff that doesn't always work when a system that it's an older OS and doesn't have that, uh, high bandwidth. So that that adds up to the challenge.

S1

Yeah. Interesting. And I think, Corey, you mentioned that this is going to happen more in the future and that it's even happening in the past, or at least it's been tested. But what are some of those other things that have already happened?

S2

So there's one thing that that pops out in my mind is there was back in 2013, there was an attack on an oil rig where the attackers gained access to the navigation system on an oil rig. As you know, a lot of oil rigs are floating platforms, and there is navigation where they move to stay in a particular spot, and the attackers actually gained access remotely to the navigation system and pulled the oil rig basically off station and was shut down, I think, for 2 or 3 months.

That was really one of the very first cases that that we really saw where there was interference directly within a navigation system of a vessel. And this was 2013. Um, there was a case, I believe, within the last month that our Intel teams were looking at as there was

a vessel in the Persian Gulf that had navigation system interference. Um, and we're seeing along with that, not just the potential of interference with the nav system on board, but one of the things that Ismael had mentioned was the GPS spoofing. It's very easy to spoof the Global Positioning System, maybe not necessarily to get into the satellite side, but local spoofing. You can spend about 30 minutes on the internet, get a few hundred dollars in equipment, and you can fairly

easily locally spoof, uh, GPS. So it's interesting the also, some of the inherent insecurity in some of the way the maritime systems are designed is much different than, than other industries. The, the International Maritime Organization or we refer to the IMO. The standards are set by the IMO and then are pushed into all of the the signatory countries. So you have to imagine that you have to get basically 190 countries to agree on a particular standard when

it comes to how something is going to work. And, and some of those countries are good guy countries and others are bad guy countries. So yeah, it's it's interesting to see how this standard works that that may not have, um, be similar to like the financial industry or health care where the US can set its own standard and the UK and the EU and there's all these standards where shipping it's a pretty similar standard. So this whole global industry is able to work together.

S1

You know, what I find interesting is, uh. There's a corollary with local crime. So there's a thing in the Bay Area here with people stealing catalytic converters. Um, and it's what's interesting is it, um, wasn't really a big thing. And once it became a thing. Obviously within the criminal community. It just started happening and everybody it it became like a viral spread of a meme of like, this is a way to make money. And all of a sudden a bunch of criminals started doing it. So your, your

car was literally at threat. And I wonder if there was a similarity here where if criminals realize, hey, wait a minute, there's actually lots of money there. Wow. Think about how much money they have available or how important it is for them to deliver their cargo. Therefore, they will pay this much ransom. It's the type of thing where the spotlight shines on something interesting for the whole criminal community. And they're very smart and they're very synchronized,

and then they just start going there. Do you think this could become like. Similar to ransomware. In the past, it wasn't being done and all of a sudden it was. Could it really jump in incidents, do you think because of that?

S3

I was actually discussing this with Corey, you know, a few weeks ago as well. We were, um, discussing like, global trends in I think it's just a matter of, of time. And sometimes it may actually be happening today, but we don't have the visibility because of the reasons we mentioned before, because they don't have the solutions in place. And we may as we get more visibility into these, we may say, oh, so these systems have been maybe compromised for, for quite some time. And it's just that

it doesn't have it doesn't have that impact yet. Uh, but for example, if you look at the availability of a lot of these tools, uh, many of the weapons that we see, uh, being used by attackers today are open source. Right? And XWorm, AsyncRAT. Um, I don't know, BlackMatter. There's a lot of RATs, right? Remote access tools out there that we see being used by cyber criminals worldwide, and they're just open source tools. We just didn't have that much availability of those tools before. So.

So absolutely. I think it's a matter of time. It might be actually happening, but we may not just see it.

S2

I would I would agree and I, I think to that to Ismael's point, I think it is happening. We're starting to see more and more of of things happening on vessels that you kind of scratch your head and say that's a cyber incident. And the other thing that the industry does a very bad job of is sharing information, unless it's required by some government organization like the SEC here in the United States, you're not going to have, um,

companies sharing information on how they were attacked. It's just it's really interesting to see that where in other interesting industries you do have that information sharing, but we just don't have it in the maritime industry. Eventually, I think the industry is going to get there because that spotlight

is moving slowly on to this industry. But we kind of feel from the interactions that that we're having in the industry that this is happening more and more than a number of companies are willing to admit.

S1

Um, so do you have a list of these, by any chance? Uh, if not, you should start a GitHub. I'm like, all into this, uh, starting a public repo right now for different things. So it would be nice. You don't have to mark it as like, definitely. But if it's unknown and it looks fishy to you, like you're going to have like the best nose in the industry for smelling this out. Uh, especially you two combined.

So what if there was a GitHub repo and it was, like, possible cyber related maritime, and then you could have at the table, confirmed or not. That would be super useful. It would be like the best source anywhere.

S2

It. It would it would be interesting to do. We would just have to figure out from our all of our nondisclosure legal agreements and protect our clients of, of that type of information. But to to give you an example we thought was really interesting is we were working with a client and we were on board their vessel and they were they were doing some repair work. So so we were talking to them about some of our solutions, and they, they mentioned to us that they had to

replace all of their bridge navigation hardware. That's really unusual because it was not that old. So we asked them and they said, well, we don't know what happened. There was some issue and the computer systems are corrupt and they're not working. And we just kind of walked away from that laughing, saying, yeah, you guys were the oh, you guys were the were the victims of a direct

cyber attack. And now they're replacing hundreds of thousands, if not millions of dollars in navigation hardware because it's rendered completely, completely useless. And that's that's a story that we're seeing, um, more and more often, um, that there's issues and computer systems have to physically be replaced. It's I mean, that's if you look at Maersk, that's basically what happened is every system in Maersk, for the most part had to

be replaced. That that's just an interesting. And that wasn't even an a direct attack on the company Maersk that came in through, I think it was a third party accounting software provider that they were using that the attack then launched into the entire Maersk system. But there was there was a huge replacement cost for them to replace systems that were were affected by that. And we're we're starting to see that some, some more often in, in maritime.

S3

Yeah. We have been talking about cargo ships right here. But but maritime security, it's also about cruises. It's also about oh.

S1

Yeah that's a good point.

S3

Think about right. So think about, uh, you know, uh, VIP, uh, folks, executives maybe, you know, um, being targeted by some of these, uh, threat actors or just large cruises, right.

S2

Uh, or if you look at that VIP side, Ismael, the large yachts, I mean, that's your top. You take your top 50 wealthiest people in the world, and a lot of them have their own large yacht. And it's interesting that some of these yachts do very well on protecting the vessel from a cyber perspective. And other large yachts are just absolutely head in the sand, horrible when

it comes to that. But you have some of these wealthiest people in the world that are on board their yacht actually conducting business with their companies and, and all

of these things that are, that are happening. And then also to your point, you look at at cruise ships, there was a there was a cruise ship, and I won't say which one, but one of our, our tech people was on board doing something, and he found that he was very easily able to pivot from the guest network into the bridge operations network with without really doing anything at all. And I'm like, oh, there's a red flag.

We let them know, hey, you may want to look at that, but even some of the stuff that you would think like some of the basic IT protections in place, sometimes people don't seem to think about that. Like we recommend to our clients, like, hey, your crew network on board your cargo ship or your large yacht that shouldn't be connected to any critical system. We call it the Wild West. Let them do whatever they want. If they give each other viruses and it shuts down their systems phones, who cares? But that keep that bifurcated and everything that operates on the critical networks, that needs endpoint protection, that needs to be behind the firewall, those need to be protected and bifurcated. Uh, pretty well.

But a lot of times you just don't you don't see that. And, and the crews are the ones, unfortunately, are bringing the viruses on, whether it's through social media or other sites or, or other things that are happening, just like in a financial institution, it's the people who are on their computers and jump on to a social media site or download something that they think is benign. And all of a sudden you've launched, you've launched an attack.

S3

Segmentation, right. You talked about that before, like how, you know, we keep, uh, bumping into the same problem, the same, uh, back to the basics.

S1

Yeah. Every time. Relearn the fundamentals. Yeah. What happens with, uh, autonomous or aren't a lot of people talking about autonomous vessels?

S2

So that that that's very interesting is, is there are some autonomous vessels that are operating, um, in parts of the world. And I know, um, that there are a number of governments that are looking at the use of autonomous vessels to be able to move people and cargo from vessels at anchor into shore, potentially much quicker and more efficiently than trying to have berthing space for, for all of these vessels.

So there's a lot of look at being able to use autonomous vessels. Now, the nice thing about that is, is there's some really good tools that are available to protect that communication link from the shore to the autonomous vessel, and then tools for on board and and realistically, for the most part, you don't need to have a crew network on board those vessels. It's all internal operation to that vessel because it's a quick trip from the anchorage in and and so but that does add a very interesting mix.

Um, when you look at the cyber protection piece, especially as you start to get what I'd call the over the horizon autonomous vessels, these are vessels that are, that are not going, you know, ten or 20 or 30 nautical miles, but hundreds of nautical miles.

And now you're moving communication potentially from a point to point network into the satellite network. So that opens up other potential vulnerabilities as, as you start to get into this and and especially with, with vessels, I mean, there's there's a lot of things that you would need to do to, to protect a vessel, um, from the autonomous standpoint, because all the navigation control is controlled by a computer in some operations center somewhere on shore.

So it's. Yeah, that's going to be very interesting as, as these autonomous vessels in the next 5 or 10 years start to become more prevalent, prevalent in the industry.

S1

Yeah. And how how are people actually going to get better? Like where where are they going to learn this stuff from like, and how is threat intel actually going to help them do that. Like do you see more coverage of threat intel stuff? Ismael, moving to this area like more interest from the industry? Um, and for for the actual customers themselves or the operators themselves. Where are they going to go? Because it doesn't seem like there's many cyber maritime resources out there.

S3

Well, that's a very good question. And I have to say that, you know, I didn't um, I wasn't very knowledgeable on this on this field before. I don't think I'm not, you know, very knowledgeable or an expert right now. But obviously since, uh, we've been working, uh, closer with, uh, Corey and Dryad security, uh, their team, we've been we've been learning more about this, this industry and how, um, like, every industry has something in particular. Right?

I think we have talked about this before, how threat intelligence is so related to the geopolitics and what we see in each region, how it's a specific to that, what we see, for example, in the Suez Canal. Right. It's very specific to to that, to that geopolitical situation right there. Um, and that transfer to absolutely everything. So hopefully by doing sessions like this, like your podcast. Thanks for having us. Uh, Daniel. Right.

We can we can create more awareness on these issues, but definitely, uh, you know, Dryad is, uh, a company that is doing a lot of, uh, work on, on these with, uh, Corey leading that. And we as a technology provider, we're very happy to, to empower them to be able to provide these, uh, security, uh, protection and security services, including the threat intelligence. Right.

Because, you know, correct me if I'm if I'm wrong, Corey. But you you guys have a lot of experience sharing, uh, you know, not just cyber security intelligence, but traditional threat intel to, uh, to these, uh, vessels and these cruises. And cyber security is just one more aspect, right, of that, um, of that type of communication that you provide to your customers. So hopefully organizations are getting a lot more, um, aware of this.

S1

That's good. So is there any reason for optimism, like is there any, uh, positive side to this? Corey looking forward.

S2

I think there is. And and as we, we work to, to really try to educate the industry and and it's not just Dryad and the people here. I mean, we're working with with Ismael and his team at BlackBerry, but also just other companies is if we start to share information and intelligence across the industry, it helps the entire industry be protected.

And I think we're going to start to slowly see that shift where people are going to be willing to share that information and intelligence back and forth with each other to get an idea. Hey, we saw this, and that confirms what you guys said over here or whatever that may be. As we're seeing, information sharing really is the key to how protection is done in the government and in the health care industry and financial and critical infrastructure. And I think we're going to see that here.

The maritime industry is is kind of at just the dawn of waking up to we really need to start to look at this problem. And as this evolves, this is going to evolve in the maritime industry, much different, I think, than it has in other industries. Just because technology is evolving so rapidly and we're seeing in the next few years we're going to see really, I think AI integrated into some of these solutions that is going to help this industry really advance the level of of protection.

So I'm pretty optimistic. This industry, um, is is built on a ton of very, very intelligent people, um, who are very concerned about this. So it's good to see the industry waking up. And, and I'm pretty optimistic that I think this is going to be an issue from an industry perspective that we're going to be able to solve.

I've been it was funny, my first cybersecurity seminar that I ever did in the maritime industry, I think was back in 2013 or 2014, and ten people showed up, and it was exciting just to have ten people in the room in maritime who are like, hey, what's this cyber thing? So you think back to 2013, 2014 now when I, when I am part of these presentations, you get hundreds of people in the room and the webinars that that we do, and we have a number of them planned and not just us, but other cyber companies in the maritime industry. You're not getting 10 or 20 people. You're getting hundreds of people around the globe signing up.

We've had people reach out to us after our last webinar we did just a couple of weeks ago with BlackBerry as, hey, could you do a webinar specifically on on the threat intelligence for this and what's happening in this sector of the industry? So we're already seeing a sea change, you know, pardon the pun, but a sea change of people in the industry kind of waking up to this fact of like, oh, okay.

And it's just but I but I laugh as like those ten people, hey, they got 100% of me. And if 2 or 300 people show up, they get 100%. But it's just it's really cool to see that people are really waking up to that and now want the information. And, and so we're doing with BlackBerry to work on that, to be able to say, hey, we may see this potential threat in government or in the financial or health care, but that threat is going to very quickly, in some form, probably move into maritime. So we almost have the ability to look into the future, to say, okay, what's happening in some of these other sectors that we think has a really good potential to then migrate into the maritime space.

S1

Yeah. Well, that makes sense. And speaking of that information, you you mentioned a webinar. We're going to get all the links for the description in the video. But uh, you're talking about a webinar you did with a University of Plymouth, I think. Yeah, yeah. And then um, there's also a threat report that came out. Right. Ismael.

S3

Yep. The threat report with the global trends. And we were sharing, you know, these statistics with, uh, with Dryad Global as well. And it's very interesting because we kind of see like that correlation, right with what what's happening in maritime security as well.

S1

Yeah, it seems like AI could help. Maybe be like a buffer to hopefully speed up adoption. Because the thing I like the most about AI is the fact that it never sleeps. So if you have an agent that could watch and just sort of help, maybe monitor or pay attention to the cybersecurity of the ship, that would be nice. Like like a crew member that doesn't sleep. That's one possible avenue. But, um, yeah, this is great. I definitely we don't.

S2

We don't sleep. Daniel. I mean, we're we're that's true all all the time. We're in we're in separate time zones now. So, you know, it's it's my turn to take the proverbial watch here.

S1

It's it's hard to scale, though. You got to be on a lot of boats. Got to be on a lot of boats. Well, this is, uh, great info. I'm going to put all the, uh, stuff in the video description as well. And it was, uh, great getting an education on this. Really appreciate the time.

S2

Thank you very much, Daniel. It's great to be on. Thank you.

S1

All right. Take care.

Transcript source: Provided by creator in RSS feed