BSides Las Vegas, data science applications to maritime security

On August 2^nd-3^rd the 8^th annual BSidesLV open forum on information security took place in Las Vegas.
BSidesLV is a non-profit organization aiming to advance the scientifically based Information Security knowledge: the conference is designed to provide simultaneously education, collaboration, and conversation to information technologists and those associated with such field.
The two-day BSides conference is a small event, compared to other ones on the same topic held in the same time frame, but it is strategically scheduled to take advantage of the presence of leaders, professionals and new learners. Attendance to the conference is for free, which is unique among Las Vegas conferences: everyone is a participant, sharing experience and insights on IT/cyber security.
Among the lectures, Chad Dewey, a computer science and information systems instructor at Michigan’s Saginaw Valley State University, specifically addressed the matter of maritime security with his talk Cruise Line Security Assessment or Hacking the High Seas. Dewey outlined some current security problems in cruising lines, which are related to an obsolete approach to operating systems and cyber security. Some navigation systems on cruise line ships are still run by Windows XP operating system, which ceased getting updates in April 2014, leaving security holes. Most ships are connected to the Maritime Telecom Network at sea: some default usernames and passwords were still in use, leaving ships’ public-facing IT services vulnerable. Alongside this relevant talk, Ken Westin, information security analyst and researcher, explored the possible applications of data science concepts to Information Security: more threat intelligence, network intelligence and endpoint security data can be easily accessed now than ever before, creating meaningful data to enhance the current information security processes.