Finland s cyber security strategy background dossier
INTRODUCTION TO MARITIME CYBERSECURITY
1. Introduction to Maritime Cybersecurity
A course and minor program proposal to the
CSU Maritime Academy
Dr. Donna Nincic
1/c Andrew Bichlmeier
1/c Blaine Meserve-Nibley
1/c Luis Robles
2. Intro to Maritime Cybersecurity CSU Maritime Academy Course/Minor Proposal
2 | P a g e
Introduction to Maritime Cyber Security
Course Description
Cybersecurity in the maritime domain is an emerging field of vulnerability on a global scale. The
maritime industry, governing entities, and stakeholders must become aware of the increasing
threats to information systems. Cyberspace is infinite, and attacks can be made from any point in
the world. Attacks are capable of disrupting “just in time” transportation delivery systems and
carry significant implications for economic and national security. Introduction to Maritime
Cybersecurity will educate students on the current types of threats, the actors who may seek to
cause harm in the maritime domain, and the governing authorities responsible for preventing
such attacks. Additionally, the course will explore current U.S. policy, domestic and
international laws, and response to cybersecurity incidents.
Recommended Textbook
Singer, P.W., Friedman, A. (2014). Cybersecurity and Cyberwar: What Everyone Needs to
Know. 1st
Edition. New York: Oxford University Press.
Introduction to Maritime Cybersecurity – Proposed Course Syllabus
SECTION I: INTRODUCTION TO MARITIME CYBERSECURITY
Topic/Reading Description
Week 1 Cyber – The
Problem
Reading:
Begin Course
Textbook
The introductory week will begin to engage the class into
the concept of cyberspace. What is cyberspace? Why is it
an emerging issue? What is different about cyber from
other security threats? These questions will get the class
focused on what they will be learning throughout the rest
of the semester in Intro to Maritime Cyber Security. Week
1 will also establish basic definitions and cyber terms to
ensure technical “language” is uniform.
Week 2 The Classified
Problem/Types of
Threats
Reading:
RAND: Cyber-
security threat
characterization
This week will introduce the problem of academia in
regards to studying information that may be deemed
classified or sensitive in nature. Specifically, how can
conclusions or recommendations are made while
addressing classified material that is non-accessible. The
second part of the week will begin the types of threats that
affect the maritime cyber domain and their targeted
information systems.
3. Intro to Maritime Cybersecurity CSU Maritime Academy Course/Minor Proposal
3 | P a g e
Week 3 Types of Threats
(continued)
Reading:
RAND: Cyber-
security threat
characterization
The types of threats in the maritime cyber domain must be
understood in order to have a full grasp of the dangers to
information systems. Different threats have various
outcomes with some seeking to steal or destroy data while
others seek to shut down systems or control networks. The
types of threats to be covered specifically are: Denial of
Service, Phishing, Trojan Horse, Virus, Worms, Exploits,
and Data Coercion (changing, corrupting, and deleting).
Week 4 Case Studies
Reading:
Specific case studies
Case studies are important in order to understand how
cyber-attacks affect organizations or individuals. A case
study clearly demonstrates how the type of attack has its
own objective and will help the student understand why
attacks occur. This week will also address who is being
attacked in the cyber domain and why the targets may be of
high or low interest for hackers. Some recommended case
studies are: Office of Personnel Management, Ashley
Maddison, and the Target credit card scam. Each case
study demonstrates different motives and were caused by
actors with separate interests. These case studies should
begin to help tie in different aspects of cyber together
throughout the semester.
Week 5 The Threat Matrix
Reading:
Finish Course
Textbook
The Probability/Impact Matrix is vital to understanding and
prioritizing defense mechanisms for certain threats. The
prioritization is based on which threats are deemed high
probability and high impact should the threat occur. This
allows for agencies responsible for security to determine
steps required to efficiently protect the assets in their
domain. After the initial concept of the Threat Matrix is
taught, students will apply it to the various threats they
learned in the case studies and threats from weeks 3 and 4.
SECTION II: ACTORS IN THE CYBER DOMAIN
Topic/Reading Description
Week 6 United States of
America The United States is extremely vulnerable to cyber-attacks.
4. Intro to Maritime Cybersecurity CSU Maritime Academy Course/Minor Proposal
4 | P a g e
Reading:
White House
Foreign Policy on
Cyber,
Comprehensive
National
Cybersecurity
Initiative
In response, the United States government has created
policy that strives to stay ahead of the curve. This section
will examine the adequacy of existing legal authorities,
statutory or constitutional, for responding to cyber threats.
Also, we will examine the appropriate roles for the
executive and legislative branches in addressing
cybersecurity. When there is a solid understanding of the
U.S. cyber policy, we will delve into the existing
cybersecurity threats.
Week 7 China
Reading:
China and
International Law,
Exposing One of
China’s Cyber
Espionage Units
China is an emerging world superpower and poses a threat
to U.S. hegemony. This week will focus on Chinese cyber
policy and their interactions with the United States. While
both China and the U.S. are focused on working
internationally to promote an open, interoperable, secure,
and reliable cyberspace, there are striking differences
between their two viewpoints. Key themes include China’s
defensive acts, Code of Conduct, and transition from a
developing nation.
Week 8 Individuals
Reading:
Pirates Exploiting
Cybersecurity
Weaknesses in
Maritime Industry
Hacking for a Cause
Cybersecurity
Threats Impacting
the Nation
Within the cybersecurity world, there are actors with non-
political goals. These actors are motivated by gaining
tangibles such as money, information, and blackmail.
Insiders, spammers, spyware/malware authors, hacktivists,
criminals (seeking monetary gain) represent some of these
individual non-state actors. This week will focus on a
variety of non-political actors, their unique motivation,
what information they after and what they plan to do with
the information.
Week 9 Terrorists
A terrorist seeks to destroy, incapacitate, or exploit critical
infrastructures in order to threaten national security, cause
mass casualties, weaken the economy, and damage public
morale and confidence. This week will examine terrorist’s
motivation, cyber capabilities, where they could attack and
how they will acquire the information. Key legislation for
this week will include the Maritime Transportation
Security Act and ISPS at ports and terminals.
Week 10 The Threat Matrix
(Actors) The Threat Matrix applied to actors should be re-examined
now that there is a basic understanding of who are the main
5. Intro to Maritime Cybersecurity CSU Maritime Academy Course/Minor Proposal
5 | P a g e
Reading:
Cyber-security threat
characterization,
Cyber Tops Intel
Community’s 2013
Global Threat
Assessment
actors in cybersecurity. We will look at the possibility of
threats from these different actors. Key themes will include
prioritization, characterization, and the role of domestic
law enforcement agencies to take action. This will allow
for a smooth transition into the third phase of the class,
protecting against cyber.
SECTION III: PROTECTING AGAINST CYBER ATTACKS
Topic/Reading Description
Week 11 Targets &
Vulnerabilities
Reading:
Critical
Infrastructure Gap:
U.S. Port Facilities
and Cyber
Vulnerabilities
GAO: Report on
Cyber Terrorism in
the Maritime
Environment
It is important to Understand the areas where maritime
facilities are most vulnerable, while understanding and
proposing solutions for maritime facilities. This week
focuses on understanding the areas for improvements for
both private and governmental facilities. Take into
considerations government, business, and public
infrastructure while looking at the weak links with the
chain of cybersecurity and understanding the need for a
shifting of security focus. The focus will be on
vulnerabilities within local, state, and federal government
and comparing those vulnerabilities to business in maritime
and port facilities. Additionally, students will evaluate
supply chain vulnerabilities at port facilities, shipping
companies, and vessels.
Week 12 U.S. Government
Strategy
Reading:
USCG Cyber
Strategy
DoD Cyber Strategy
The objective for this week is to understand the resources
used by the government to defend against and combat
maritime cyber threats in the 21st century. It is important to
understand the crucial methods and tactics that the Navy
and USCG use to combat maritime cyber security. This
week will focus on both the DoD and USCG cyber
strategies and review GAO and RAND reports on the US
handing of cybersecurity.
Week 13 Cyber Law
Reading:
China and
International Law in
The goal for this week is to understand the laws in which
military and governmental agencies operate within. In
addition, the class will compare the difference between
domestic laws and international laws in cybersecurity. It is
6. Intro to Maritime Cybersecurity CSU Maritime Academy Course/Minor Proposal
6 | P a g e
Cyberspace also important to understand civil rights of American
citizens within that domestic law. Some of the suggested
laws for examination are: Cybersecurity Information
Sharing Act, Protecting Cyber Networks Act, and the
National Cybersecurity Protection Advancement Act.
Week 14 Cyber
Crime/Terrorism
Reading:
Case Studies
The objective of this week is to compare and contrast
cyber-crime and cyber-terrorism while looking at what
domestic and international agencies are doing to track
down and stop criminals/terrorist from committing further
acts of violence. This will include examining previous case
studies in which cyber criminals were caught and how they
were prosecuted. This will look at federal agencies
including the FBI, NSA, CIA, DIA, and INTERPOL.
Week 15 The Future of Cyber
Reading:
Cybersecurity Issues
and Challenges
The final week will wrap all the content from the previous
weeks and take a brief look at what the future holds for the
maritime cybersecurity domain. The class will also predict
future threats, while using all the pervious case studies, to
compile a list of feasible threats. Lastly, the course will
touch on the future of cyber warfare and its implications, as
well as the ethics of cyber-attacks
.
Proposed Minor Courses
Introduction to Maritime Cybersecurity
Cybersecurity in the maritime domain is an emerging field of vulnerability on a global scale. The
maritime industry, governing entities, and stakeholders must become aware of the increasing
threats to information systems. Cyberspace is infinite, and attacks can be made from any point in
the world. Attacks are capable of disrupting “just in time” transportation delivery systems and
carry significant implications for economic and national security. Introduction to Maritime
Cybersecurity will educate students on the current types of threats, the actors who may seek to
cause harm in the maritime domain, and the governing authorities responsible for preventing
such attacks. Additionally, the course will explore current U.S. policy, domestic and
international laws, and response to cybersecurity incidents.
Introduction to Information Systems
In order to have a level understanding of the cyber domain, students must have a base-level of
comprehension in information systems. The course would introduce students to the basics of
information systems and relate them to cybersecurity considerations. Included would be
networks, databases, and other information systems related to the current cyber domain. In
7. Intro to Maritime Cybersecurity CSU Maritime Academy Course/Minor Proposal
7 | P a g e
addition, the course could introduce laws that govern information systems and standardize basic
vocabulary and system management at a base-level of comprehension for a student seeking the
minor in maritime cybersecurity.
Ports and Terminals Management
A course already offered at CSU Maritime Academy, Ports and Terminals Management would
be valuable for students to understand how goods and resources are moved throughout the world.
This understanding is crucial since much of the global supply of goods is based on a “just-in-
time” delivery system which is largely run on information systems that are exposed to the cyber
domain. A student must comprehend the basics of ports and terminal management to be able to
apply maritime cybersecurity into the maritime domain and industry. Who are the stakeholders at
a port? How is a port run? Which laws govern ports? Each question are addressed in the course
and would supplement the minor with background understanding on the maritime domain and its
business management at ports and terminals.
Cybersecurity Policy
Cybersecurity has emerged as one of the most significant domestic and international security and
economic risks today. In order to combat various cyber threats, state, federal, and international
policy has been created. This course will explore policy issued by the various levels of
government and its role in maritime cybersecurity. Key themes to be addressed include laws,
regulations, civil liberties, law enforcement and national security. Strong emphasis will be
placed on the Maritime Transportation Security Act, Cybersecurity Information Sharing Act of
2015, Protecting Cyber Networks Act, National Cybersecurity Protection Advancement Act of
2015 and the future of cybersecurity in the maritime domain.
Maritime Cybersecurity Organizations
The United States relies on the Internet and cyberspace for a variety of critical services. Ensuring
the safety and security of cyberspace in the maritime domain requires the effort of several U.S.
government agencies. The U.S. Coast Guard within the Department of Homeland Security and
U.S. Navy in the Department of Defense are the two main agencies responsible with maritime
cybersecurity. Key themes to be addressed in the course include agency jurisdiction, cyber
strategy, policy issued by the agency, state of port and terminal cyber-systems, and cooperation
with other departments.
Cyber Warfare
This class would look at the evolution of the cyber technology and how it has become the new
platform for warfare between nations. Cyber warfare will look at the early roots of the Internet
and take into account the influences of the military which made it into what it is today. Cyber
warfare will also look at governmental abuse of information and the idea of transparency in the
21st century, utilizing examples like the Wiki Leaks and Edward Snowden. This will not be a
tech class but a history/policy class regarding the concept of cyber warfare.