Agenda

CYBERSECURITY IN THE MARITIME INDUSTRY

• Introduction to cybersecurity and key principles
• Systems and connectivity in the marine supply chain
• Financial, Legal and operational implications
• IMO Safety Management Systems (ISM CODE 2021)
• Digital trends in maritime industry

CYBER THREAT LANDSCAPE – LATEST TRENDS AND VULNERABILITY IDENTIFICATION

• Key threats, threat actors and motivations
• Cyber underground
• Supply chain risks
• Assess risk exposure (Ship perspectives) and impacts
• Assess on-shore risk exposure (ports sector) and impacts

EXERCISE: TECHNOLOGIES, CONNECTIVITY AND CYBER RISK ASSESSMENT – SHIP BOARD AND TERMINAL SYSTEMS ATTACK METHODOLOGIES – OVERVIEW

• Attack lifecycle – Learning the steps of launching a cyber-attack that breach vessels
• Attack lifecycle – how attacks are launched?
  • Fundamentals behind attack methodologies Network attacks (Man in the middle, Ping of Death, DDoS), Wireless
  • Cryptography
  • Phishing
  • Social engineering, malicious software, trojans, viruses, ransomware
  • Rootkit, application vulnerabilities, SQL injection
  • Cross-site scripting (XSS), Cross-site request forgery (CSRF)
• Frameworks of attack tools (Kali Linux, Metasploit, etc)
• Threats posed by unauthorised access to vessel systems
• Threats to interconnected vessels and autonomous infrastructure

PROTECTION MEASURES ON-BOARD VESSELS

• BIMCO Guidelines on cyber security onboard ships
• Crew training guidelines, crew requirements and operations in the event of cyber attacks
• Electronic communication guidelines across ships, ports and authorities ashore
• Cybersecurity quality for agents
• Updating real-time information into owner’s vessel management system
• Cyber risk management process with service providers in supplier agreements

EXERCISE: PROTECTION MEASURES FOR KEY OPERATIONAL TECHNOLOGY

• Navigation Systems
• Vessel Tracking Systems
• Terminal Management Systems

FLEET CYBER SECURITY MEASURES – CASE STUDY

• Fleet vulnerability management
• Fleet-wide standard cyber security strategy
• Potential new vulnerabilities
• Risk assessment documentation
• Fleet-wide remote scanning capability

PROTECTION MEASURES AT PORT / TERMINAL

• Port automation and cybersecurity risks
• Operational systems and data networks
• Resilience exercises

PENETRATION TESTING (PT) CASE STUDIES

• How PT can be used as a tool to improve enterprise security
• What to expect from PT and best practices in adoption
• PT strategies, categories and when to use
• Fingerprinting, user harvesting, access control, privilege elevation

DEVELOPING A PRAGMATIC CYBER RISK FRAMEWORK

• How companies manage cyber risks: Risk scenarios, application, mitigation measures
  • Cyber risk detection Identifying crown jewels and third-party relationships
  • Establishing threat awareness and ability to detect patterns
  • Applying cyber intelligence to identify and manage risks
  • How to proactively assess cyber risk?
• Cyber risk prevention Planning and implementing “Secure by Design”
  • Securing risk-sensitive assets – Controls to mitigate known and emerging threats
  • How to assess and manage cyber risk and compliance?
  • Key security considerations: Design, requirements, strategy
• Effective Cybersecurity audit approach
  • Risk-based audit methodology – best practices (planning, fieldwork, reporting, on-going activities)
• Effective Cybersecurity audit approach and latest tools

EFFECTIVE CYBERSECURITY AUDIT APPROACH AND CYBER SECURITY RISK MANAGEMENT CASE STUDIES

• Latest tools for cyber security risk management
• Ship to shore systems
• Jamming of navigation systems case study
• Remote access control security
• Maritime SATCOMS Cyber security

EXERCISE: CONTINGENCY PLANNING DEVELOPMENT

• Disabled/manipulated electronic navigational equipment
• Disabled/manipulated electronic industial control systems and other critical systems
• What to do with unconfirmed data threat?
• Handle ransomeware incidents
• Operational contingencies

INCIDENT ANALYSIS INVESTIGATING CYBER INCIDENTS

• Incident exercises and preparation
• Incident detection and analyses
• Containment, eradication and recovery

CYBER RISK RESPONSE AND BUSINESS CONTINUITY

• Prepare, plan, exercise, simulate, wargame
• Building and maintaining a response plan
• How to react quickly to cyber-attacks and reduce the impact?
• Cleaning up, business continuity and disaster recovery planning
• PR Intervention and Legal assistance

CYBERSECURITY INSURANCE

• Liability, Charterparties, Claims and P&I
• Standard protection packages – an overview
• Key insuring clauses (privacy, network security, media, cyber extortion, data asset loss, business interruption loss, recovery costs, incident response expenses, regulatory penalties etc)