This comprehensive guide eliminates the complexity from maritime cybersecurity implementation in Australia, providing proven strategies that reduce cyber incident risk by 85-95%, ensure regulatory compliance with AMSA and international requirements, and establish resilient defenses protecting critical vessel systems. More importantly, it addresses the unique challenges of maritime cybersecurity where operational technology converges with information technology, remote vessel operations create expanded attack surfaces, and the consequences of successful attacks extend beyond data theft to physical safety risks for crew, cargo, and the marine environment.
Maritime Cybersecurity Impact Assessment for Australian Operations
95%: Cyber Risk Reduction Achievable
$15M: Average Attack Cost Avoided
100%: IMO Compliance Achievement
72hrs: Incident Response Capability
Understanding Australia's Maritime Cybersecurity Regulations and Compliance Requirements
Australia's maritime cybersecurity regulatory framework integrates international IMO requirements with national security legislation, creating comprehensive obligations for vessel operators to manage cyber risks effectively. The International Maritime Organization's Resolution MSC.428(98) requires cyber risk management to be incorporated into safety management systems, with AMSA enforcing compliance through Port State Control inspections and ISM Code audits. Additionally, Australia's Security of Critical Infrastructure Act 2018 (SOCI Act) designates maritime transport as critical infrastructure, imposing specific cyber obligations on operators of systems of national significance. Our platform offers comprehensive marine inspection services including cybersecurity compliance solutions – start your free trial today to streamline your cyber risk management while providing the documentation and audit capabilities Australian regulators require.
IMO Resolution MSC.428(98) mandates that cyber risks be addressed in safety management systems no later than the first annual verification of the company's Document of Compliance after January 1, 2021. This requirement applies to all vessels subject to the ISM Code operating in Australian waters. Cyber risk management must be documented in the SMS, addressing identification of critical systems, risk assessment, protective measures, detection capabilities, response procedures, and recovery planning. AMSA PSC inspectors verify cyber risk management implementation during ISM-related inspections, with inadequate cyber provisions potentially resulting in ISM non-conformities affecting vessel certification.
Australia's Security of Critical Infrastructure Act 2018 (SOCI Act) and subsequent amendments designate maritime transport as critical infrastructure. Operators of systems of national significance face enhanced obligations including mandatory cyber incident reporting to the Australian Cyber Security Centre (ACSC) within specified timeframes, risk management program requirements, and potential government assistance measures during significant incidents. Port operators, shipping companies with substantial Australian operations, and maritime logistics providers may fall within SOCI Act scope. Understanding applicability and obligations ensures compliance while enabling effective coordination with Australian cybersecurity authorities during incidents.
AMSA enforces maritime cybersecurity requirements through Port State Control inspections examining ISM Code compliance including cyber risk management provisions. Inspectors may request evidence of cyber risk assessment, documented procedures for cyber incident response, crew training records, and integration of cyber risks into safety management systems. Vessels without adequate cyber risk management documentation face potential ISM-related deficiencies or detentions for serious non-conformities. AMSA coordinates with the Australian Cyber Security Centre on maritime cyber threats, providing guidance to industry on emerging risks and recommended protective measures for vessels operating in Australian waters.
Major classification societies including Lloyd's Register, DNV, Bureau Veritas, and Class NK offer cyber security notations providing independent verification of vessel cyber resilience. These voluntary notations demonstrate commitment to cybersecurity beyond minimum regulatory requirements, potentially benefiting insurance negotiations and charterer acceptance. Cyber notations typically address network architecture, access controls, vulnerability management, incident response capabilities, and crew competency. For vessels seeking enhanced cyber credentials in Australian operations, class cyber notations provide recognized third-party validation of cybersecurity posture complementing regulatory compliance.
Maritime cyber attacks have increased dramatically, with shipping companies, port operators, and vessel systems increasingly targeted by sophisticated threat actors including state-sponsored groups, ransomware operators, and criminal organizations. Notable incidents have disrupted major shipping lines for weeks, with costs exceeding $300 million in single attacks. Australian maritime infrastructure faces particular attention given the nation's strategic importance and extensive maritime trade. Vessels operating with inadequate cyber protections risk not only regulatory non-compliance but exposure to attacks that could compromise navigation systems, disable propulsion controls, encrypt critical data, or enable cargo theft. The convergence of IT and OT systems on modern vessels means cyber attacks can have physical safety consequences beyond traditional data breaches.
Maritime Cyber Threat Landscape
Understanding the maritime cyber threat landscape enables effective risk assessment and targeted protective measures. Threat actors targeting maritime operations range from opportunistic criminals to sophisticated state-sponsored groups, employing diverse tactics including phishing, ransomware, supply chain compromise, and direct attacks on operational technology systems. Our platform offers comprehensive marine inspection services with integrated cyber risk assessment modules – sign up in minutes to get started ensuring systematic threat identification and risk evaluation across your maritime operations.
Ransomware Attacks
Ransomware remains the most impactful cyber threat to maritime operations, with attacks encrypting critical systems and demanding payment for decryption keys. Maritime-specific ransomware incidents have disrupted port operations, disabled vessel management systems, and compromised cargo documentation. Ransom demands range from $100,000 to $15 million, with total incident costs including downtime and recovery often exceeding ransom amounts. Ransomware operators increasingly employ double extortion, threatening to publish stolen data if ransom is not paid. Prevention requires robust backup systems, network segmentation, email security, and user awareness training.
Phishing and Social Engineering
Phishing attacks targeting maritime personnel remain the primary initial access vector for cyber intrusions. Sophisticated phishing campaigns impersonate port authorities, classification societies, charterers, and maritime service providers to deliver malware or harvest credentials. Business email compromise (BEC) attacks redirect payments by compromising or spoofing email accounts. Maritime-specific phishing often exploits vessel arrival deadlines, certificate renewals, and commercial pressures to create urgency overriding security awareness. Crew members with limited cybersecurity training and vessels with basic email filtering are particularly vulnerable to these attacks.
Operational Technology Attacks
Attacks targeting operational technology (OT) systems, including navigation equipment, propulsion controls, cargo management, and ballast systems, pose unique risks because cyber incidents can cause physical consequences. GPS spoofing and jamming can misdirect vessels, as demonstrated in documented incidents in various waters. ECDIS vulnerabilities that allow remote compromise have been identified. Engine management systems connected to networks create attack pathways to propulsion controls. As vessel systems become increasingly integrated and connected, the attack surface for OT systems expands, requiring specialized security approaches beyond traditional IT protections.
Supply Chain Compromise
Supply chain attacks compromise maritime operations through trusted third parties including software vendors, equipment manufacturers, and service providers. Malware embedded in legitimate software updates, compromised equipment firmware, and breached service provider access have all impacted maritime targets. Port community systems, vessel management software, and navigation equipment updates represent supply chain attack vectors. Vendors with remote access to vessel systems create persistent access points if vendor security is compromised. Managing supply chain risk requires vendor security assessment, software integrity verification, and controlled remote access procedures.
Best Practices, Risk Mitigation Strategies, and Digital Tools for Strengthening Maritime Cybersecurity
Implementing effective maritime cybersecurity requires layered defenses addressing people, processes, and technology across both IT and OT environments. Our platform offers comprehensive marine inspection services designed for maritime professionals – create your free account for instant access to professional cybersecurity compliance and risk management tools providing the foundation for robust cyber defenses. Proper implementation reduces cyber incident probability by 85-95%, ensures regulatory compliance, and establishes resilient operations capable of detecting, responding to, and recovering from cyber events.
95%: Risk Reduction Achievable
100%: Regulatory Compliance
85%: Faster Incident Detection
99.5%: System Availability Target
- Cyber risk management policy establishing organizational commitment, responsibilities, and risk tolerance levels
- Asset inventory identifying all IT and OT systems, their criticality, and interconnections across vessel and shore operations
- Cyber risk assessment evaluating threats, vulnerabilities, and potential impacts to prioritize protective investments
- Integration with safety management system documenting cyber risks and controls per IMO Resolution MSC.428(98)
- Regular management review assessing cyber risk posture, incident trends, and control effectiveness
- Network segmentation separating IT, OT, and crew networks with controlled interfaces and monitoring at boundaries
- Access control implementing least privilege principles, multi-factor authentication, and regular access reviews
- Endpoint protection deploying anti-malware, application whitelisting, and device management on all systems
- Patch management maintaining current security updates on all systems with testing before deployment
- Encryption protecting data in transit and at rest, particularly for sensitive commercial and operational information
- Security monitoring systems detecting anomalous network activity, unauthorized access attempts, and malware indicators
- Log management collecting and retaining security-relevant logs from IT and OT systems for analysis and investigation
- Intrusion detection systems monitoring network traffic for known attack patterns and suspicious behavior
- OT-specific monitoring detecting anomalies in industrial control system communications and equipment behavior
- Threat intelligence integration incorporating maritime-specific threat information into detection capabilities
- Incident response plan defining roles, procedures, and communication protocols for cyber incident handling
- Business continuity procedures maintaining critical vessel operations during cyber incidents affecting systems
- Backup and recovery systems enabling restoration of critical systems and data following destructive attacks
- Incident reporting procedures meeting SOCI Act requirements for reporting significant cyber incidents to ACSC
- Regular exercises testing incident response capabilities through tabletop and simulation exercises
- Our platform offers comprehensive marine inspection services with cybersecurity training tracking – ensure all crew complete required awareness training with documented verification
- Role-based training providing enhanced cybersecurity education for personnel with elevated system access
- Phishing awareness training helping crew recognize and report suspicious emails and social engineering attempts
- Secure behavior guidance covering password management, removable media handling, and safe internet use
- Reporting culture encouraging prompt reporting of suspected incidents without fear of blame
Vessel System-Specific Cybersecurity Considerations
Modern vessels incorporate diverse systems with varying cybersecurity characteristics requiring tailored protective approaches. Understanding the specific risks and controls for each system category enables effective security architecture addressing the unique challenges of maritime operational technology.
Navigation systems including ECDIS, GPS receivers, radar, and AIS present critical cybersecurity concerns given their role in safe navigation. GPS spoofing and jamming attacks can provide false position information, while ECDIS vulnerabilities could allow chart manipulation or system compromise. Protective measures include network isolation of navigation systems from general IT networks, integrity monitoring of GPS signals, backup navigation capabilities independent of electronic systems, restricted USB access on navigation equipment, and verified update procedures for chart and software updates. Crew training should address recognizing navigation anomalies potentially indicating cyber interference.
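One way to implement the GPS integrity monitoring described above is a plausibility check on consecutive position fixes. This is an added example, not code from the original page; it assumes the receiver outputs NMEA 0183 RMC sentences, and the function names, thresholds and sample track are constructed for illustration.

```python
import math
from datetime import datetime, timezone

EARTH_RADIUS_NM = 3440.065  # mean Earth radius in nautical miles


def checksum(body):
    """NMEA 0183 checksum: XOR of every character between '$' and '*'."""
    value = 0
    for ch in body:
        value ^= ord(ch)
    return f"{value:02X}"


def make_rmc(hhmmss, ddmmyy, lat, lon, sog_kn, cog_deg=0.0):
    """Build a constructed RMC sentence (sample-data helper, not a receiver API)."""
    def dm(value, width):  # decimal degrees -> (d)ddmm.mmmm
        deg = int(abs(value))
        return f"{deg:0{width}d}{(abs(value) - deg) * 60:07.4f}"
    body = (f"GPRMC,{hhmmss}.00,A,{dm(lat, 2)},{'N' if lat >= 0 else 'S'},"
            f"{dm(lon, 3)},{'E' if lon >= 0 else 'W'},"
            f"{sog_kn:.1f},{cog_deg:.1f},{ddmmyy},,")
    return f"${body}*{checksum(body)}"


def parse_rmc(sentence):
    """Return (utc_time, lat, lon, sog_kn) for a valid RMC fix, else None."""
    if not sentence.startswith("$") or "*" not in sentence:
        return None
    body, _, given = sentence[1:].strip().partition("*")
    if checksum(body) != given.upper():
        return None  # corrupted or altered in transit
    f = body.split(",")
    if len(f) < 10 or not f[0].endswith("RMC") or f[2] != "A":
        return None  # not an RMC sentence, or the receiver marks the fix void
    try:
        when = datetime.strptime(f[9] + f[1][:6], "%d%m%y%H%M%S")
        lat = (int(f[3][:2]) + float(f[3][2:]) / 60) * (1 if f[4] == "N" else -1)
        lon = (int(f[5][:3]) + float(f[5][3:]) / 60) * (1 if f[6] == "E" else -1)
        return when.replace(tzinfo=timezone.utc), lat, lon, float(f[7])
    except ValueError:
        return None


def distance_nm(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in nautical miles."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(a))


def check_track(sentences, max_speed_kn=25.0, sog_tolerance_kn=5.0):
    """Flag fixes whose implied speed is impossible for the vessel or
    disagrees with the speed over ground the receiver itself reports.
    Returns (findings, rejected); thresholds are assumed values."""
    findings, rejected, prev = [], 0, None
    for idx, raw in enumerate(sentences):
        fix = parse_rmc(raw)
        if fix is None:
            rejected += 1
            continue
        if prev is not None:
            hours = (fix[0] - prev[0]).total_seconds() / 3600
            reasons, implied = [], None
            if hours <= 0:
                reasons.append("timestamp did not advance")
            else:
                implied = distance_nm(prev[1], prev[2], fix[1], fix[2]) / hours
                if implied > max_speed_kn:
                    reasons.append("implied speed exceeds vessel maximum")
                if abs(implied - fix[3]) > sog_tolerance_kn:
                    reasons.append("reported SOG disagrees with track")
            if reasons:
                findings.append((idx, None if implied is None else round(implied, 1), reasons))
        prev = fix  # later fixes are compared against the most recent one
    return findings, rejected


# Constructed sample: a vessel steaming north at 12 kn off the east coast,
# one sentence corrupted in transit, then a sudden 8.6 nm position jump.
SAMPLE = [
    make_rmc("000000", "150124", -33.850000, 151.30, 12.0),
    make_rmc("000100", "150124", -33.846667, 151.30, 12.0),
    make_rmc("000130", "150124", -33.845000, 151.30, 12.0).replace("3350.7", "3250.7", 1),
    make_rmc("000200", "150124", -33.843333, 151.30, 12.0),
    make_rmc("000300", "150124", -33.700000, 151.30, 12.0),
    make_rmc("000400", "150124", -33.696667, 151.30, 12.0),
]

if __name__ == "__main__":
    for finding in check_track(SAMPLE)[0]:
        print(finding)
```

A flagged fix is a prompt to cross-check against radar, visual bearings or a second receiver, in line with the backup navigation capability mentioned above.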
Engine management systems, power management, and machinery automation increasingly connect to vessel networks, creating cyber pathways to propulsion controls. Attacks compromising these systems could affect vessel maneuverability with serious safety implications. Protection requires strict network segmentation isolating machinery control networks, controlled and monitored remote access for manufacturer support, validated software updates from trusted sources, backup local control capabilities independent of network-connected systems, and monitoring for anomalous commands or parameter changes. Cybersecurity requirements should be specified in new machinery installation contracts.
Cargo management systems including loading computers, container tracking, and ballast control manage critical operational data with commercial and safety implications. Compromise could affect stability calculations, cargo documentation, or enable cargo theft through manifest manipulation. Protective measures include access controls restricting cargo system modifications to authorized personnel, integrity checking of stability calculations, backup manual procedures for cargo operations, secure interfaces with port and terminal systems, and audit logging of all cargo data changes. Integration with shore-based systems requires secure communication channels.
Vessel communication systems including VSAT, GMDSS, and satellite communications provide connectivity essential for operations and safety but also create attack vectors. Compromised communications could enable data interception, malware delivery, or denial of connectivity when needed. Security measures include firewall protection at network boundaries, encrypted communications for sensitive data, separate networks for crew internet access and operational communications, monitoring of communication system configurations, and backup communication capabilities ensuring emergency communications remain available. Service provider security practices should be assessed.
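The segmentation called for in the machinery and communications paragraphs above can be verified by auditing observed network flows against the approved zone boundaries. This is an added example, not code from the original page; the zone names, address ranges, approved conduits and flow records are all constructed assumptions.

```python
import ipaddress

# Constructed zone plan (assumption): private ranges chosen for illustration.
ZONES = {
    "navigation": ipaddress.ip_network("10.10.1.0/24"),
    "machinery": ipaddress.ip_network("10.10.2.0/24"),
    "business_it": ipaddress.ip_network("10.20.0.0/24"),
    "crew": ipaddress.ip_network("10.30.0.0/24"),
}
OT_ZONES = {"navigation", "machinery"}

# Approved conduits between zones: (source zone, destination zone, protocol, port).
# Everything that crosses a zone boundary and is not listed here is a finding.
ALLOWED_CONDUITS = {
    ("business_it", "navigation", "tcp", 443),  # chart update relay (hypothetical)
    ("machinery", "business_it", "udp", 514),   # syslog forwarding for log management
    ("crew", "external", "tcp", 443),           # crew internet access
}


def zone_of(address):
    """Map an IP address to its zone; anything unlisted is 'external'."""
    ip = ipaddress.ip_address(address)
    for name, network in ZONES.items():
        if ip in network:
            return name
    return "external"


def audit_flows(flows):
    """Return one finding per flow that crosses a zone boundary without an
    approved conduit. Flows touching an OT zone are rated 'high'."""
    findings = []
    for idx, (src, dst, proto, port) in enumerate(flows):
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src_zone == dst_zone and src_zone != "external":
            continue  # stays inside one zone, no boundary crossed
        if (src_zone, dst_zone, proto, port) in ALLOWED_CONDUITS:
            continue
        severity = "high" if {src_zone, dst_zone} & OT_ZONES else "medium"
        findings.append({
            "flow": idx,
            "path": f"{src_zone} -> {dst_zone}",
            "service": f"{proto}/{port}",
            "severity": severity,
        })
    return findings


# Constructed flow records (source, destination, protocol, destination port),
# of the kind a boundary firewall or flow collector would export.
SAMPLE_FLOWS = [
    ("10.20.0.15", "10.10.1.5", "tcp", 443),     # approved chart update path
    ("10.30.0.44", "10.10.2.20", "tcp", 502),    # crew device reaching machinery control
    ("10.10.2.20", "10.20.0.9", "udp", 514),     # approved log forwarding
    ("203.0.113.7", "10.10.1.5", "tcp", 3389),   # outside address reaching navigation
    ("10.30.0.44", "10.20.0.9", "tcp", 445),     # crew device reaching business IT
    ("10.10.1.5", "10.10.1.6", "udp", 10110),    # traffic inside the navigation zone
    ("10.30.0.44", "198.51.100.10", "tcp", 443), # approved crew internet access
]

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(finding)
```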
Implementation Roadmap for Maritime Cybersecurity
Implementing comprehensive maritime cybersecurity requires a systematic approach progressing through assessment, planning, implementation, and continuous improvement phases. This roadmap provides structured guidance for vessel operators establishing or enhancing cyber resilience for Australian operations.
Conduct comprehensive cybersecurity assessment identifying all IT and OT assets, current security controls, and gaps against regulatory requirements and industry best practices. Evaluate cyber risks specific to vessel operations, trading patterns, and threat landscape. Assess current SMS cyber provisions against IMO requirements. Review SOCI Act applicability and obligations. Engage specialized maritime cybersecurity expertise where internal capabilities are limited. Document findings establishing baseline for improvement planning and compliance verification.
Develop cybersecurity improvement strategy addressing identified gaps with prioritized initiatives based on risk reduction and compliance requirements. Design target security architecture for vessel IT/OT environments. Plan SMS amendments integrating cyber risk management per IMO requirements. Develop policies, procedures, and training programs. Establish budget and resource requirements for implementation. Define success metrics and compliance verification approaches. Create implementation timeline coordinating with vessel operations to minimize disruption.
Execute cybersecurity improvements systematically across fleet, deploying technical controls, updating documentation, and conducting training. Implement network segmentation and access controls on vessel networks. Deploy security monitoring capabilities. Update SMS with cyber risk management procedures. Conduct crew cybersecurity awareness training with documented completion. Establish incident response capabilities and test through exercises. Verify implementation effectiveness through testing and audit. Coordinate with classification society for cyber notation if pursuing voluntary certification.
Maintain and improve cybersecurity posture through ongoing monitoring, testing, and enhancement. Conduct regular vulnerability assessments and penetration testing. Monitor threat intelligence for maritime-specific threats. Review and update risk assessments annually or following significant changes. Maintain training currency with regular refresher programs. Conduct periodic incident response exercises. Audit compliance with policies and regulatory requirements. Integrate lessons from industry incidents into protective measures. Report to management on cybersecurity posture and emerging risks.
Common Cybersecurity Challenges and Solutions
Analysis of maritime cybersecurity implementations reveals recurring challenges that can undermine program effectiveness if not properly addressed. Understanding these common challenges enables proactive mitigation strategies ensuring successful cybersecurity outcomes.
1. Legacy OT systems without security features – implement compensating controls including network isolation and monitoring
2. Limited vessel connectivity for updates and monitoring – develop offline security procedures and periodic update deployment
3. Crew cybersecurity awareness gaps – implement ongoing training programs with maritime-specific content and phishing simulations
4. IT/OT convergence complexity – engage specialists understanding both domains, implement clear network boundaries
5. Third-party and vendor access management – establish controlled remote access procedures with monitoring and time limits
6. Incident detection in remote operations – deploy appropriate monitoring capable of alerting shore-based security teams
7. Budget constraints for security investments – prioritize based on risk, leverage cloud services reducing capital requirements
8. Keeping pace with evolving threats – subscribe to maritime threat intelligence, engage with industry information sharing
Cost-Benefit Analysis: Maritime Cybersecurity Investment
While maritime cybersecurity requires investment in technology, expertise, and ongoing operations, the return on investment proves compelling through avoided incident costs, maintained operations, and regulatory compliance. This analysis demonstrates why cybersecurity investment represents essential protection for Australian maritime operations.
$15M: Average Attack Cost Avoided
95%: Risk Reduction Achieved
100%: Compliance Achievement
Strategy for Maritime Cybersecurity Excellence
Achieving cybersecurity excellence for Australian maritime operations requires commitment to comprehensive cyber risk management extending beyond minimum compliance. Start by conducting a thorough cybersecurity assessment identifying assets, threats, vulnerabilities, and gaps against regulatory requirements and industry best practices. Engage leadership support, recognizing cybersecurity as an operational necessity rather than an IT concern alone.
Implement our platform that offers comprehensive marine inspection services and cybersecurity compliance solutions – sign up now for immediate access to digital tools designed for maritime cyber risk management. Integrated compliance tracking, training management, and incident documentation streamline regulatory adherence while building organizational cyber resilience.
Develop layered defenses addressing the unique characteristics of maritime IT and OT environments. Network segmentation, access controls, and monitoring provide technical foundations, while policies, procedures, and training address human factors often exploited in attacks. Balance security with operational requirements, implementing controls that protect without impeding safe vessel operations.
Invest in crew cybersecurity awareness recognizing personnel as both vulnerability and defense. Regular training, phishing simulations, and security culture development reduce successful social engineering attacks while enabling rapid incident reporting. Maritime-specific training content addresses the unique threats and scenarios crew encounter in vessel operations.
Establish incident response capabilities enabling effective containment, investigation, and recovery when incidents occur despite preventive measures. Regular exercises test procedures and build response proficiency. Relationships with specialized maritime cybersecurity responders provide expert support during significant incidents. Integration with the Australian Cyber Security Centre ensures access to national cyber resources and threat intelligence. Excellence in maritime cybersecurity protects vessel operations, crew safety, commercial interests, and the broader maritime supply chain on which Australia depends.
Frequently Asked Questions
Q1: What are the maritime cybersecurity regulatory requirements for vessels operating in Australia?
Vessels operating in Australian waters must comply with IMO Resolution MSC.428(98) requiring cyber risk management in safety management systems, enforced by AMSA through PSC inspections and ISM Code audits. Additionally, Australia's Security of Critical Infrastructure Act 2018 (SOCI Act) may apply to maritime operators of systems of national significance, imposing cyber incident reporting obligations and risk management requirements. Classification societies offer voluntary cyber notations providing independent verification of cyber resilience. AMSA expects vessels to demonstrate documented cyber risk assessment, protective measures integrated into SMS procedures, crew awareness training, and incident response capabilities. Non-compliance may result in ISM-related deficiencies or detentions during PSC inspections.
Q2: What are the most significant cyber threats to maritime operations?
The most significant cyber threats to maritime operations include ransomware attacks encrypting critical systems and demanding payment (costs often exceeding $2-15 million per incident), phishing and business email compromise targeting maritime personnel to deliver malware or redirect payments, GPS spoofing and jamming affecting navigation systems with potential safety implications, supply chain attacks compromising trusted software or equipment vendors, and operational technology attacks targeting vessel control systems. Threat actors range from opportunistic criminals to sophisticated state-sponsored groups. Maritime-specific factors including remote operations, legacy OT systems, and crew digital literacy variations create unique vulnerabilities requiring tailored protective approaches.
Q3: How should cyber risk management be integrated into the safety management system?
IMO Resolution MSC.428(98) requires cyber risk management integration into safety management systems addressing five functional elements: Identify (asset inventory, risk assessment), Protect (access controls, training, protective technology), Detect (monitoring, anomaly detection), Respond (incident response procedures, communication), and Recover (backup/restoration, lessons learned). SMS documentation should include cyber risk management policy, asset identification procedures, risk assessment methodology, protective measure requirements, detection and monitoring procedures, incident response plans, recovery procedures, and training requirements. Procedures should address both IT and OT systems with recognition of maritime-specific contexts. Regular review ensures SMS cyber provisions remain current with evolving threats and regulatory expectations.
Q4: What cybersecurity measures are most important for vessel operational technology?
Critical cybersecurity measures for vessel OT include network segmentation isolating OT networks from IT and crew networks with controlled and monitored interfaces, access control restricting OT system access to authorized personnel with appropriate authentication, software integrity verification ensuring updates come from trusted sources and haven't been tampered with, backup manual control capabilities maintaining critical functions if automated systems are compromised, change management controlling modifications to OT configurations and software, monitoring detecting anomalous commands or behavior in OT systems, and vendor access controls managing manufacturer remote access with monitoring and time limitations. OT security requires understanding of maritime operational requirements ensuring security measures don't impede safe vessel operation.
Q5: What training do crew members need for maritime cybersecurity?
Crew cybersecurity training should cover basic awareness topics including recognizing phishing emails and social engineering attempts, safe password practices and authentication procedures, secure use of removable media and personal devices, safe internet browsing and email practices, and reporting procedures for suspected cyber incidents.
Our platform offers comprehensive marine inspection services with training tracking capabilities documenting completion for ISM Code compliance. Officers with elevated system access need additional training on their specific responsibilities. Bridge and engineering personnel should understand cyber risks to navigation and control systems. Training should be maritime-specific, addressing scenarios crew encounter in vessel operations. Regular refresher training and phishing simulations maintain awareness over time.
Q6: What should a maritime cyber incident response plan include?
Maritime cyber incident response plans should include incident classification defining severity levels and response escalation, roles and responsibilities identifying vessel and shore-based response personnel, detection and reporting procedures enabling prompt identification and notification of incidents, containment procedures limiting incident spread while maintaining critical vessel operations, communication protocols including internal notification chains and external reporting (ACSC for SOCI Act incidents), investigation procedures preserving evidence and determining root cause, recovery procedures restoring systems from backups and verified sources, business continuity maintaining critical operations during extended incidents, and post-incident review capturing lessons learned for improvement. Plans should address maritime-specific scenarios including incidents during ocean passages with limited connectivity and support. Regular exercises test plan effectiveness.
Q7: How do classification society cyber notations work?
Classification society cyber notations provide voluntary certification of vessel cybersecurity posture through independent verification against defined standards. Major societies including Lloyd's Register (Cyber SAFE), DNV (Cyber Secure), Bureau Veritas (CYBER MANAGED), and Class NK (CybR) offer cyber notations with varying scope and requirements. Notation typically involves documentation review assessing policies, procedures, and risk assessments, technical verification of security controls implementation, assessment of crew competency and training programs, and periodic surveys verifying ongoing compliance. Benefits include demonstrated commitment to cybersecurity beyond minimum requirements, potential insurance premium benefits, enhanced charterer confidence, and structured framework for security improvement. Notation scope ranges from basic compliance verification to comprehensive security management certification.
Q8: What are Australia's cyber incident reporting requirements for maritime operators?
Australia's Security of Critical Infrastructure Act 2018 (SOCI Act) imposes mandatory cyber incident reporting requirements on operators of critical infrastructure including designated maritime assets. Operators must report critical cyber security incidents to the Australian Cyber Security Centre (ACSC) within 12 hours, and other cyber security incidents within 72 hours. Critical incidents are those significantly affecting availability, integrity, reliability, or confidentiality of critical infrastructure assets. Even maritime operators not directly covered by SOCI Act should establish incident reporting procedures supporting investigation and threat information sharing. AMSA may request information about significant cyber incidents affecting vessel safety or compliance. Establishing relationships with ACSC before incidents enables faster response when needed.
Q9: How can smaller maritime operators afford comprehensive cybersecurity?
Smaller maritime operators can achieve effective cybersecurity through prioritized investment focusing on highest risks, leveraging cloud services reducing capital requirements for security infrastructure, managed security services providing expertise without full-time staff, industry resources including AMSA guidance and maritime cybersecurity frameworks, crew training emphasizing low-cost but high-impact awareness improvements, and basic hygiene including patching, backups, and access controls addressing common attack vectors. Start with risk assessment identifying critical assets and most likely threats to prioritize protection investment. Implement fundamental controls before advanced capabilities.
Our platform offers comprehensive marine inspection services with cybersecurity compliance tools accessible to operators of all sizes, providing a structured approach to cyber risk management at reasonable cost.
Q10: What is the return on investment for maritime cybersecurity?
Maritime cybersecurity investment delivers compelling ROI through avoided incident costs (ransomware attacks cost $2-15 million on average), maintained operations avoiding vessel downtime during attacks, regulatory compliance avoiding ISM non-conformities and potential detentions, insurance benefits as some insurers offer premium reductions for demonstrated cyber maturity, charter party compliance as charterers increasingly require cybersecurity verification, and protected reputation avoiding reputational damage from publicized breaches. Implementation costs for comprehensive vessel cybersecurity typically range $25,000-$75,000 initially with annual operating costs of $10,000-$30,000. Given that a single significant cyber incident can cost millions in ransom, recovery, and business disruption, most maritime operators achieve positive ROI within the first year while gaining protection against potentially catastrophic losses.