Choose Location

P52292 Maritime Cyber Security Seminar
Download Brochure Request

Register your interest

Comments

Register your interest

Comments

Maritime Cyber Security Seminar

26 – 27 September 2019 | Mandarin Orchard Hotel, Singapore

Register Your Interest Download Brochure

MCF Training Grant Is Available For Eligible Participants.
Please Refer To www.mpa.gov.sg/mcf For Information.
SPECIAL 1 + 1 OFFER. REGISTER 2 DELEGATES AT THE PRICE OF ONE.

overview

Key Learning Outcomes

  • The principles and emerging trends in maritime cybersecurity, including analytics, critical infrastructure, key threats and risk assessment
  • Adopt risk-based cyber best practices: Planning, fieldwork execution, reporting
  • Understand the attack methodologies and life cycle in network, application and cryptography attacks
  • Cyber Threat Landscape – Latest trends and vulnerability identification
  • Technologies, connectivity and cyber risk assessment – ship board and terminal systems
  • Protection measures on-board vessels and at ports/terminals
  • Find out how to analyse and respond in the event of a cyber threat – incident preparation and detection best practices
  • Developing a pragmatic cyber risk framework
  • Training guidelines for crew, agents, service providers and on-shore parties
  • Cyber risk response and business continuity
  • Discuss options available for cyber security technologies and cyber liability, insurance

Unique Feature and Highlights

  • Practical, real life examples and sample checklists on critical areas of concern in cyber security
  • Hands-on exercises including how to exploit vulnerabilities and defend against them on vessels
  • Demos, videos, quizzes to reinforce participants’ understanding of key cybersecurity principles
  • Case Study – Large shipping company infected with the malware that cost them $300m to remediate
  • Case Study – Has your vessel been compromised? How to investigate the vessel has not been compromised
  • Demo: Live hacking of vessel
  • Demo: VSAT and GPS System hack

Who Should Attend

This programme will benefit both IT and non-IT professionals from shipowners & managers, charterers, classification societies, port & terminal operators, and marine service providers:

  • Personnel responsible for IT Governance, IT Risk Audit and Information Security
  • Network Security
  •  e-Crime / Business Crime
  • Disaster Recovery
  • Business Continuity
  • Innovation
  • Fleet Directors, Ship Captains / Masters
  • Risk Professionals
  • Ship & Port Agents

Digital Badge

Upon completion of this training course, participants will earn a digital badge.

Earners of Maritime Cyber Security Certificates have acquired practical understanding of the principles and emerging trends in cybersecurity within marine industry, including analytics, critical infrastructure, key threats and risk assessment. They are equipped with best practices in vulnerability identification, global guidelines for on-board vessels’ protection measure, security management for fleet or at terminals. They are skilled in developing a pragmatic cyber risk framework, contingency planning and business continuity management.

Skills:
attack methodologies, critical infrastructure, risk exposure assessment, cybersecurity, BIMCO Guidelines, crew training, fleet cybersecurity, protection measures, port cybersecurity, contingency planning, business continuity, cybersecurity insurance, cyber insurance, cyber risk response, cyber risk framework, detection, prevention, penetration testing, operational technologies.

Eligibility:
Attend and participate in the 2 full days of training course duration, led by the designated training expert

Available to:
Seminar attendees

Digital Badge FAQ >

trainer

Manish Chawda Maritime Cyber Security Seminar

Manish Chawda

Partner in Pragma Singapore

Agenda

CYBERSECURITY IN THE MARITIME INDUSTRY

  • Introduction to cybersecurity and key principles
  • Systems and connectivity in the marine supply chain
  • Financial, Legal and operational implications
  • IMO Safety Management Systems (ISM CODE 2021)
  • Digital trends in maritime industry

CYBER THREAT LANDSCAPE – LATEST TRENDS AND VULNERABILITY IDENTIFICATION

  • Key threats, threat actors and motivations
  • Cyber underground
  • Supply chain risks
  • Assess risk exposure (Ship perspectives) and impacts
  • Assess on-shore risk exposure (ports sector) and impacts

EXERCISE: TECHNOLOGIES, CONNECTIVITY AND CYBER RISK ASSESSMENT – SHIP BOARD AND TERMINAL SYSTEMS ATTACK METHODOLOGIES – OVERVIEW

  • Attack lifecycle – Learning the steps of launching a cyber-attack that breach vessels
  • Attack lifecycle – how attacks are launched?
    • Fundamentals behind attack methodologies Network attacks (Man in the middle, Ping of Death, DDoS), Wireless
    • Cryptography
    • Phishing
    • Social engineering, malicious software, trojans, viruses, ransomware
    • Rootkit, application vulnerabilities, SQL injection
    • Cross-site scripting (XSS), Cross-site request forgery (CSRF)
  • Frameworks of attack tools (Kali Linux, Metasploit, etc)
  • Threats posed by unauthorised access to vessel systems
  • Threats to interconnected vessels and autonomous infrastructure

PROTECTION MEASURES ON-BOARD VESSELS

  • BIMCO Guidelines on cyber security onboard ships
  • Crew training guidelines, crew requirements and operations in the event of cyber attacks
  • Electronic communication guidelines across ships, ports and authorities ashore
  • Cybersecurity quality for agents
  • Updating real-time information into owner’s vessel management system
  • Cyber risk management process with service providers in supplier agreements

EXERCISE: PROTECTION MEASURES FOR KEY OPERATIONAL TECHNOLOGY

  • Navigation Systems
  • Vessel Tracking Systems
  • Terminal Management Systems

FLEET CYBER SECURITY MEASURES – CASE STUDY

  • Fleet vulnerability management
  • Fleet-wide standard cyber security strategy
  • Potential new vulnerabilities
  • Risk assessment documentation
  • Fleet-wide remote scanning capability

PROTECTION MEASURES AT PORT / TERMINAL

  • Port automation and cybersecurity risks
  • Operational systems and data networks
  • Resilience exercises

PENETRATION TESTING (PT) CASE STUDIES

  • How PT can be used as a tool to improve enterprise security
  • What to expect from PT and best practices in adoption
  • PT strategies, categories and when to use
  • Fingerprinting, user harvesting, access control, privilege elevation

DEVELOPING A PRAGMATIC CYBER RISK FRAMEWORK

  • How companies manage cyber risks: Risk scenarios, application, mitigation measures
    • Cyber risk detection Identifying crown jewels and third-party relationships
    • Establishing threat awareness and ability to detect patterns
    • Applying cyber intelligence to identify and manage risks
    • How to proactively assess cyber risk?
  • Cyber risk prevention Planning and implementing “Secure by Design”
    • Securing risk-sensitive assets – Controls to mitigate known and emerging threats
    • How to assess and manage cyber risk and compliance?
    • Key security considerations: Design, requirements, strategy
  • Effective Cybersecurity audit approach
    • Risk-based audit methodology – best practices (planning, fieldwork, reporting, on-going activities)
  • Effective Cybersecurity audit approach and latest tools

EFFECTIVE CYBERSECURITY AUDIT APPROACH AND CYBER SECURITY RISK MANAGEMENT CASE STUDIES

  • Latest tools for cyber security risk management
  • Ship to shore systems
  • Jamming of navigation systems case study
  • Remote access control security
  • Maritime SATCOMS Cyber security

EXERCISE: CONTINGENCY PLANNING DEVELOPMENT

  • Disabled/manipulated electronic navigational equipment
  • Disabled/manipulated electronic industial control systems and other critical systems
  • What to do with unconfirmed data threat?
  • Handle ransomeware incidents
  • Operational contingencies

INCIDENT ANALYSIS INVESTIGATING CYBER INCIDENTS

  • Incident exercises and preparation
  • Incident detection and analyses
  • Containment, eradication and recovery

CYBER RISK RESPONSE AND BUSINESS CONTINUITY

  • Prepare, plan, exercise, simulate, wargame
  • Building and maintaining a response plan
  • How to react quickly to cyber-attacks and reduce the impact?
  • Cleaning up, business continuity and disaster recovery planning
  • PR Intervention and Legal assistance

CYBERSECURITY INSURANCE

  • Liability, Charterparties, Claims and P&I
  • Standard protection packages – an overview
  • Key insuring clauses (privacy, network security, media, cyber extortion, data asset loss, business interruption loss, recovery costs, incident response expenses, regulatory penalties etc)

when & where

26 - 27 Sep 2019

Mandarin Orchard Singapore, by Meritus
333 Orchard Road, Singapore 238867
Tel: +65 6831 6062 | Fax: +65 6737 3130
Mobile No.: +65 8298 9442
Contact Person: Tan Ai Li
Email: aili.tan@meritushotels.com
Website: www.meritushotels.com

On-site & in-house training

Deliver this course how you want, where you want, when you want – and save up to 40%! 8+ employees seeking training on the same topic?

Talk to us about an on-site/in-house & customised solution.

STAY UPDATED ON OUR NEWS & EVENTS

Informa Connect is Singapore's leading event organiser. We conceive, develop and promote our own B2B industry conferences and corporate training courses, and offer tailored managed event solutions.

Find out more