Enhancing cyber security awareness in maritime industry

Abstract

Cyber security is the combination of stakeholders, policies, processes and technologies to protect cyber assets of any industry. It is optimized to levels that help shipping personnel define, balance resources required with usability/manageability and the amount of risk offset. The aim of this paper is to develop understanding and awareness of key aspects of cyber security – identify threats, identify vulnerabilities, assess risk exposure, develop protection & detection measures & establish contingency plans. Furthermore, establish guidelines for operators on how to assess their ship’s operations & put in place necessary procedures and actions to maintain the security of cyber systems for marine industry. The integration of technology in shipping operations is being enabled by the integration of Information Technology and the Operation Technology on board ships. This has enhanced the threats of unauthorised access or malicious interventions to ship’s systems and networks. The measures to guard against cyber threats should include, (i) quantification and type of risks to security, environment and commerce if no cyber security measures are in place, (ii) due protection to IT and OT infrastructure and its networked equipment, (iii) management of access (iv) protecting data related with its sensitivity. With emerging technologies, there is a direct applicability of trends like Artificial Intelligence to enhance security and fraud prevention. Extending the use of Security Analytics for understanding and detecting risk level of vulnerabilities, improving the performance of own security policy by removal of unnecessary data, feature extraction and selection, data cut off, parallel processing, machine learning and deep learning algorithms – are some examples for the use of advanced technologies for improving Cybersecurity.