Rebuilding after NotPetya: How Maersk moved forward

In the wake of NotPetya attacks, Maersk’s IT and security teams embraced transparency, greater collaboration with business, and a risk-based approach.

Few cyber incidents are as well-known as the NotPetya attack in 2017. The attack crippled a number of companies, none more publicly than shipping giant Maersk, which temporarily lost its entire global operations.

Speaking at the 2019 Gartner Risk Summit in London, Adam Banks, Maersk’s chief technology and information officer, and Maersk's CISO, Andy Powell, gave an account of the day NotPetya struck the company. They detailed how they responded to and recovered from the incident, and what the company learned.

How NotPetya affected Maersk

Maersk, a major global shipping and logistics company has 76 ports, around 900 ships, approximately 4 million containers, and around 1,000 warehouses. A large vessel carries 22,000 containers, each equivalent to an articulated lorry. “This is a data-centric business,” said Banks. “If you think about the way data is used in this sort of business, unlike financial services, you can lock it up, you can't create a centralized data pool and put every form of defence around it.”

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!