Analysis of Cyber Security Aspects in the Maritime Sector

The European Network and Information Security Agency (ENISA) is a centre of expertise for the European Union (EU), its Member States (MS), the private sector and Europe’s citizens. As an EU agency, ENISA’s role is to work with these groups to develop advice and recommendations on good practice in information security. This is the first EU report ever published on cyber security challenges in the maritime sector. The report highlights essential key insights and existing initiatives as a baseline for cyber security. High-level recommendations are given for addressing these risks. Some key findings are: 1.) Maritime cyber security awareness is currently low to non-existent. It is highly recommended that Member States undertake targeted awareness raising campaigns and cyber security training of shipping companies, port authorities, and national cyber security offices. 2.) Due to the complexity of Information and Communication Technology (ICT), it is a major challenge to ensure adequate maritime cyber security. A common strategy and development of good practices for the technology development and implementation of ICT systems would ensure “security by design” for all critical maritime ICT components. 3.) As current maritime regulations and policies consider only physical aspects of security and safety, policy makers should add cyber security aspects to them. 4.) A holistic, risk-based approach and assessment of maritime specific cyber risks, as well as identification of all critical assets is recommended. 5.) The International Maritime Organization together with the EU Commission and the Member States should align international and EU policies in this sector. 6.) Better information exchange and statistics on cyber security can help insurers improve their actuarial models, reduce risks, and offer better contractual insurance conditions for the maritime sector. Information exchange platforms, such as CPNI.NL, should be also considered.

• Record URL:
  http://www.enisa.europa.eu/act/res/other-areas/cyber-security-aspects-in-the-maritime-sector/cyber-security-aspects-in-the-maritime-sector-1/at_download/fullReport
• 
• Corporate Authors:

  European Network and Information Security Agency (ENISA)

  P.O. Box 1309
  71001 Heraklion,   Greece 
• Authors:
  • Cimpean, Dan
  • Meire, Johan
  • Bouckaert, Vincent
  • Vande Casteele, Stijn
  • Pelle, Aurore
  • Hellebooge, Luc
• Publication Date: 2011-11

Language

• English

Media Info

• Media Type: Digital/other
• Features: Appendices;
• Pagination: 31p

Subject/Index Terms

• TRT Terms: Communication systems; Computer security; Freight and passenger traffic; Information technology; Infrastructure; Maritime safety; Networks; Policy; Recommendations; Risk assessment; Risk management; Safety and security; Strategic planning; Terrorism; Threats; Water transportation
• Identifier Terms: European Union
• Geographic Terms: European Union countries
• Subject Areas: Data and Information Technology; Freight Transportation; Marine Transportation; Policy; Security and Emergencies; I10: Economics and Administration; I20: Design and Planning of Transport Infrastructure;

Filing Info

• Accession Number: 01359780
• Record Type: Publication
• Files: TRIS
• Created Date: Dec 29 2011 11:09AM