CERP: A Maritime Cyber Risk Decision Making Tool

IF 0.7 Q4 TRANSPORTATION SCIENCE & TECHNOLOGY
E. Erstad, R. Hopcraft, Juan Dorje Palbar, K. Tam
{"title":"CERP: A Maritime Cyber Risk Decision Making Tool","authors":"E. Erstad, R. Hopcraft, Juan Dorje Palbar, K. Tam","doi":"10.12716/1001.17.02.02","DOIUrl":null,"url":null,"abstract":": An increase in the complexity of systems onboard ships in the last decade has seen a rise in the number of reported maritime cyber ‐ attacks. To tackle this rising risk the International Maritime Organization published high ‐ level requirements for cyber risk management in 2017. These requirements obligate organisations to establish procedures, like incident response plans, to manage cyber ‐ incidents. However, there is currently no standardised framework for this implementation. This paper proposes a Cyber Emergency Response Procedure (CERP), that provides a framework for organisations to better facilitate their crew’s response to a cyber ‐ incident that is considerate of their operational environment. Based on an operations flowchart, the CERP provides a step ‐ by ‐ step procedure that guides a crew’s decision ‐ making process in the face of a cyber ‐ incident. This high ‐ level framework provides a blueprint for organisations to develop their own cyber ‐ incident response procedures that are considerate of operational constraints, existing incident procedures and the complexity of modern maritime systems.","PeriodicalId":46009,"journal":{"name":"TransNav-International Journal on Marine Navigation and Safety of Sea Transportation","volume":"8 1","pages":""},"PeriodicalIF":0.7000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"TransNav-International Journal on Marine Navigation and Safety of Sea Transportation","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.12716/1001.17.02.02","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"TRANSPORTATION SCIENCE & TECHNOLOGY","Score":null,"Total":0}
引用次数: 0

Abstract

: An increase in the complexity of systems onboard ships in the last decade has seen a rise in the number of reported maritime cyber ‐ attacks. To tackle this rising risk the International Maritime Organization published high ‐ level requirements for cyber risk management in 2017. These requirements obligate organisations to establish procedures, like incident response plans, to manage cyber ‐ incidents. However, there is currently no standardised framework for this implementation. This paper proposes a Cyber Emergency Response Procedure (CERP), that provides a framework for organisations to better facilitate their crew’s response to a cyber ‐ incident that is considerate of their operational environment. Based on an operations flowchart, the CERP provides a step ‐ by ‐ step procedure that guides a crew’s decision ‐ making process in the face of a cyber ‐ incident. This high ‐ level framework provides a blueprint for organisations to develop their own cyber ‐ incident response procedures that are considerate of operational constraints, existing incident procedures and the complexity of modern maritime systems.
CERP:海上网络风险决策工具
在过去的十年中,随着船上系统复杂性的增加,报告的海上网络攻击数量也有所增加。为了应对这一不断上升的风险,国际海事组织于2017年发布了网络风险管理的高级要求。这些要求要求组织建立程序,如事件响应计划,以管理网络事件。然而,目前还没有针对这种实现的标准化框架。本文提出了一个网络应急响应程序(CERP),该程序为组织提供了一个框架,以更好地促进其机组人员对考虑其操作环境的网络事件的响应。基于操作流程图,CERP提供了一个一步一步的程序,指导船员在面对网络事件时的决策过程。该高级框架为组织提供了一个蓝图,以开发他们自己的网络事件响应程序,这些程序考虑到操作限制、现有事件程序和现代海事系统的复杂性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
1.40
自引率
16.70%
发文量
22
审稿时长
40 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信