Business Plan
“People are part of complex systems in the maritime environment; they interact
with one another and computer systems in both creative and destructive
ways. At every intersection of human and machine there is the possibility for error,
manipulation, coercion or sedition.” - The Future of Maritime Cyber Security -
Lancaster University
IT systems are crucial to the safe and efficient operation of modern vessels and to the
functioning of the maritime industry in general. Increasingly complex systems enable a
host of essential maritime operations, from navigation and propulsion to freight
management and traffic control.
Onboard systems include GPS, DP, AIS, ECDIS, Radar, autopilot etc. and control
systems for ballast, stability, engine and propulsion control, cargo handling etc.
Advances in satellite technology mean these previously remote onboard systems are
increasingly likely to have a permanent internet connection, with the potential for any device
onboard the vessel to become a node of the on-shore corporate IT network. The 24hr
availability of email, web browsers, cloud storage, network access, smartphones and the
challenges of 'BYOD' all add to the complexities and the vulnerable gateways to our data.
In addition to the equipment onboard vessels, there are similarly vulnerable systems
located in ports, VTS centres, offshore installations, operators' and managers' offices and in
numerous maritime support businesses and organisations.
There are considerable risks to the safety and security of vessels, the security and
reputation of the owners and operators and risks to the movement of world trade should
maritime corporate IT networks become compromised. The act of compromise can be either
deliberate and criminal, or unforeseen and accidental. Either way, the results can be
equally widespread and potentially disastrous.
The IMO propose that the subject be tackled using a process of Cyber Risk Management
(CRM), covering safety, security and operational risks under one umbrella. This
project will approach the subject from a similar viewpoint.
Aims
To mitigate the risk of exposure to cyber-vulnerabilities (deliberate or otherwise) by
educating those who have access to exposed IT systems and infrastructure, both onboard
and shoreside. This will be achieved by giving a non-technical audience the knowledge to
understand the risks, to know what to do to protect against these risks and what to do in
response to a direct threat.
During the development of this resource, the participating parties will form a working
group to learn from the knowledge and experiences of each other to enhance their own
internal procedures and systems for implementing a successful corporate CRM strategy.
The final public output of the project will be to give practical guidance and advice on ‘Best
Practices’ to those who may not have an IT background or training, enabling those at the
sharp end to better support the work of the IT department in protecting the corporate
network.
“For most companies, the greatest threat comes from the naivety of their
own employees, on ship and shore. Awareness and good procedures can
dramatically reduce the risk.” - The Navigator, June 2016
Achieving the aims
To achieve the stated aim, the working group will gather the latest in technical, security
and behavioural knowledge and information and distil this into a series of practical
‘takeaways’ that can be easily understood and put into practice by a non-technical
audience.
Fidra will then work with the creative team to create either a single film, or a series of
‘shorts’, that illustrate these points in a way that is both educational and entertaining to
watch. It is only by achieving the second of these two goals that we have the greatest
chance of the films being widely shared and the knowledge widely disseminated. If we are
successful, the exposure will extend beyond the maritime industry.
Fidra will work with the partners in the project and the maritime media outlets to ensure
that as much publicity as possible is generated on release, using all available channels.
Supporting materials could also be produced if these were felt to be of further benefit, in
the form of guide notes and ‘best practice’ leaflets and posters (distributed as PDF
documents).
Project structure
“The biggest risk is from employees using computer-based systems since
security prevention mechanisms within the network itself are rarely
implemented in the mistaken belief that perimeter defences are all that is required.” -
Maritime Cyber Security White Paper - ESC Global Security
The project will be developed by a working group consisting of a small number of
interested parties, primarily but not necessarily exclusively from the maritime domain. Led by
Fidra, the group will assemble a body of technical knowledge and best practices that will then
be handed over to a team of behavioural and creative specialists.
A primary feature of this project is its collaborative nature, the sharing of information and
ideas for the benefit of the group (internally/privately where deemed appropriate) and for
the wider maritime community on release of the resource.
The technical working group will be tasked with:
• Assembling a body of reference materials and resources pertinent to the subject
matter.
• Identifying the most commonly encountered risks and vulnerabilities and those that
have the greatest potential to cause damage.
• Creating clear and unambiguous advice for a non-technical audience on ways to
detect the presence of a risk, whether this be deliberate criminal activity or an internal
system failure.
• Creating clear advice suitable for a non-technical audience on appropriate measures
to take in response to the presence of a potential threat to protect the network.
• Collating a list of ‘Best Practices’ that should be adopted by all those with access to
the corporate IT infrastructure.
• Discussing and sharing, although not necessarily publicly disseminating, internal
procedures and IT system defence policies and Best Practices from a more
technical perspective (suitable for corporate IT and security teams and management).
The above is subject to discussion and amendment but is a logical starting point.
Budget
The budget is yet to be defined, but will be agreed upon by all parties to the project prior
to commissioning the creative team. The cost will be shared amongst those involved.
Fidra will not seek to sell or otherwise monetise the project following release, with the aim
of achieving as widespread distribution as possible. This is the reason that the
development, production and distribution budget must be raised from industry partners.
“However, if the loss, damage, or liability was caused either directly or
indirectly by the use of a computer and its associated systems and software “as
a means of inflicting harm,” such loss, damage, or liability would be excluded from
coverage.” - Marsh & McLennan report
Fidra are in the process of encouraging a ‘headline sponsor’ who has an interest in raising
their profile within the maritime industry. This business or organisation may be less
involved with the creation of the content but will cover a significant proportion of the
production budget in return for the publicity generated by the release of the film(s). With the
sponsorship contribution it is envisaged that individual partners will invest somewhere in
the region of £5k (+VAT) each.
“ESC Global Security recommends that companies operating in the maritime
industries put cyber security awareness training at the top of the agenda for
users of technology and computer resources. This is one of the most effective
ways of reducing a company's exposure to cyber security threats and increases
both detection and incident response at the same time.” - Maritime Cyber Security
White Paper - ESC Global Security
While we are acutely aware of the financial position of many businesses in the maritime
sector in these challenging times, we must be aware of the need to balance prudence
with the ability to be creative and produce an effective resource. If the budget is too high,
the project will languish as an idea that never came to fruition. If the budget is too low, we
will be limited in what we can do and may fail our objectives by producing ‘just another
training film’.
For those looking to get internal budget sign-off, it may help to spread the cost across
HSEQ, Risk Management, IT and Marketing Dept. budgets, as each department stands to
benefit. The sum invested in this project could be recouped if just one cyber-attack or
failure can be avoided.
“It might be argued that the relatively low public profile of most marine
businesses means they are less likely to be the subject of a cyber-attack than
financial institutions, energy companies, public utilities, or airlines. That may be the
case, but nevertheless, the threat is real, and the results of a successful attack
could be catastrophic. Certainly, the lack of any inbuilt encryption or authentication
code in the critical systems used for navigation on board ship means that shipping
could be seen as a soft target, and that perception alone could be enough to
provoke an attack.” - Marsh & McLennan report
Resources & references
“Hackers working with a drug smuggling gang infiltrated the computerized
cargo tracking system of the Port of Antwerp to identify the shipping
containers in which consignments of drugs had been hidden. The gang then drove the
containers from the port, retrieved the drugs and covered their tracks. The criminal
activity continued for a two-year period from June 2011, until it was stopped by
joint action by Belgium and Dutch police. Cyber criminals will continue to do the
unexpected, and the nature of attacks of this sort will evolve.” - Marsh & McLennan
report
IMO document MSC 96/4/1 (4th Feb 2016): Measures to enhance maritime security - Guidelines for Cyber risk management - SOURCE
IMO document MSC 96/4/2 (9th Feb 2016): Measures to enhance maritime security - Guidelines for Cyber risk management - SOURCE
IMO document MSC 96/4/5 (8th March 2016): Measures to enhance maritime security - Measures aimed at improving cybersecurity on ships - SOURCE
IMO document MSC 96/INF.4: Measures aimed at improving cybersecurity on a ship - SOURCE
BIMCO: The Guidelines on Cyber Security Onboard Ships - SOURCE
United States National Institute of Standards and Technology's Framework for Improving Critical Infrastructure Security (the NIST Framework) - SOURCE
ENISA (European Network and Information Security Agency): Analysis of cyber security aspects in the maritime sector (Nov 2011) - SOURCE
Lancaster University: The Future of Maritime Cyber Security - SOURCE
Marsh & McLennan report: The risk of cyber-attack to the maritime industry - SOURCE
NCC Group: Maritime cyber security: Threats & Opportunities - SOURCE
ESCGS: Maritime Cyber Security White Paper - SOURCE
AMMITEC: Cyber Security Awareness Guidelines - SOURCE
The Navigator: June 2016 issue - SOURCE
ABS: The application of cyber-security principles to marine and offshore operations - SOURCE
Contact details
Interested parties should in the first instance contact Chris Young:
Chris Young MNI
Executive Producer
Fidra Films
Tel: +44 (0)7500 906 220
chris@fidragroup.com
“... it is important that security procedures and processes are in place so that
operators know how to identify a potential security threat or have been trained to
respond when a cyber attack is in process.
Cyberspace was once just a way to communicate but now pretty much everything
depends on it. Our critical infrastructures for energy, healthcare, banking, transportation and
water are dependent on how well we protect and secure the systems and the data that
controls them.” - Maritime Cyber Security White Paper - ESC Global Security
Fidra Films is a trading name of Fidra Group Ltd, a company registered in England and
Wales No. 9864419, VAT Reg. No. 232197420
Project partners
To become a partner in this groundbreaking project please contact us directly. See below for
details.
For reasons of project scale and collaborative logistics, places are strictly limited and will be
offered on a first come, first served basis.

More Related Content

What's hot

Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasuresKAMRAN KHALID
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device ManagementJohn Rhoton
 
Splunk Webinar: Full-Stack End-to-End SAP-Monitoring mit Splunk
Splunk Webinar: Full-Stack End-to-End SAP-Monitoring mit SplunkSplunk Webinar: Full-Stack End-to-End SAP-Monitoring mit Splunk
Splunk Webinar: Full-Stack End-to-End SAP-Monitoring mit SplunkSplunk
 
Enterprise Disaster Recovery Strategies by CloudEndure
Enterprise Disaster Recovery Strategies by CloudEndureEnterprise Disaster Recovery Strategies by CloudEndure
Enterprise Disaster Recovery Strategies by CloudEndureAmazon Web Services
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...☁️ Gustavo Magella
 
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)Iftikhar Ali Iqbal
 
Enterprise Service Management & IT Operations Management Coming Together
Enterprise Service Management & IT Operations Management Coming TogetherEnterprise Service Management & IT Operations Management Coming Together
Enterprise Service Management & IT Operations Management Coming TogetherOpsRamp
 
Hybrid Cloud Architectures on VMware Cloud on AWS.pdf
Hybrid Cloud Architectures on VMware Cloud on AWS.pdfHybrid Cloud Architectures on VMware Cloud on AWS.pdf
Hybrid Cloud Architectures on VMware Cloud on AWS.pdfAmazon Web Services
 
rtpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scalertpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scaleAndreas Granig
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Radhakrishnan Govindan
 
Integrated Cache on Netscaler
Integrated Cache on NetscalerIntegrated Cache on Netscaler
Integrated Cache on NetscalerMark Hillick
 
Packaged Integration Connectors
Packaged Integration ConnectorsPackaged Integration Connectors
Packaged Integration ConnectorsAras
 
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsCloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsAltoros
 
The Importance of Business Change Management in Cloud Adoption
The Importance of Business Change Management in Cloud AdoptionThe Importance of Business Change Management in Cloud Adoption
The Importance of Business Change Management in Cloud AdoptionAmazon Web Services
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOARDNIF
 
Log management principle and usage
Log management principle and usageLog management principle and usage
Log management principle and usageBikrant Gautam
 

What's hot (20)

DRP vs BCP
DRP vs BCPDRP vs BCP
DRP vs BCP
 
Insider threats and countermeasures
Insider threats and countermeasuresInsider threats and countermeasures
Insider threats and countermeasures
 
Mobile Device Management
Mobile Device ManagementMobile Device Management
Mobile Device Management
 
Splunk Webinar: Full-Stack End-to-End SAP-Monitoring mit Splunk
Splunk Webinar: Full-Stack End-to-End SAP-Monitoring mit SplunkSplunk Webinar: Full-Stack End-to-End SAP-Monitoring mit Splunk
Splunk Webinar: Full-Stack End-to-End SAP-Monitoring mit Splunk
 
Enterprise Disaster Recovery Strategies by CloudEndure
Enterprise Disaster Recovery Strategies by CloudEndureEnterprise Disaster Recovery Strategies by CloudEndure
Enterprise Disaster Recovery Strategies by CloudEndure
 
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
[IGNITE2018] [BRK2495] What’s new in Microsoft Information Protection solutio...
 
Sipwise rtpengine
Sipwise rtpengineSipwise rtpengine
Sipwise rtpengine
 
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB)
 
Enterprise Service Management & IT Operations Management Coming Together
Enterprise Service Management & IT Operations Management Coming TogetherEnterprise Service Management & IT Operations Management Coming Together
Enterprise Service Management & IT Operations Management Coming Together
 
Hybrid Cloud Architectures on VMware Cloud on AWS.pdf
Hybrid Cloud Architectures on VMware Cloud on AWS.pdfHybrid Cloud Architectures on VMware Cloud on AWS.pdf
Hybrid Cloud Architectures on VMware Cloud on AWS.pdf
 
rtpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scalertpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scale
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)
 
Integrated Cache on Netscaler
Integrated Cache on NetscalerIntegrated Cache on Netscaler
Integrated Cache on Netscaler
 
Packaged Integration Connectors
Packaged Integration ConnectorsPackaged Integration Connectors
Packaged Integration Connectors
 
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsCloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
 
MULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTUREMULTI-CLOUD ARCHITECTURE
MULTI-CLOUD ARCHITECTURE
 
The Importance of Business Change Management in Cloud Adoption
The Importance of Business Change Management in Cloud AdoptionThe Importance of Business Change Management in Cloud Adoption
The Importance of Business Change Management in Cloud Adoption
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOAR
 
IPsec for IMS
IPsec for IMSIPsec for IMS
IPsec for IMS
 
Log management principle and usage
Log management principle and usageLog management principle and usage
Log management principle and usage
 

Similar to Cyber Sec Project Proposal

Airport security 2013 john mc carthy
Airport security 2013   john mc carthyAirport security 2013   john mc carthy
Airport security 2013 john mc carthyRussell Publishing
 
Unit 7 Assignment Group Assignment – Risk Analysis and Ident
Unit 7 Assignment Group Assignment – Risk Analysis and IdentUnit 7 Assignment Group Assignment – Risk Analysis and Ident
Unit 7 Assignment Group Assignment – Risk Analysis and Identcorbing9ttj
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxbagotjesusa
 
Cyber-insurance and liability caps proposed as incentives by Department of Co...
Cyber-insurance and liability caps proposed as incentives by Department of Co...Cyber-insurance and liability caps proposed as incentives by Department of Co...
Cyber-insurance and liability caps proposed as incentives by Department of Co...David Sweigert
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaRahul Neel Mani
 
AGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperAGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperMestizo Enterprises
 
Insa cyber intelligence 2011
Insa cyber intelligence 2011Insa cyber intelligence 2011
Insa cyber intelligence 2011Mousselmal Tarik
 
Journal of Business Continuity & Emergency Planning Volume 7 N.docx
Journal of Business Continuity & Emergency Planning Volume 7 N.docxJournal of Business Continuity & Emergency Planning Volume 7 N.docx
Journal of Business Continuity & Emergency Planning Volume 7 N.docxchristiandean12115
 
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAMINFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAMChristopher Nanchengwa
 
UCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxUCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxucisa
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)Santosh Khadsare
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorEuropean Services Institute
 
The Port Security Plan - Management of Tasks and Responsibilities.docx
The Port Security Plan - Management of Tasks and Responsibilities.docxThe Port Security Plan - Management of Tasks and Responsibilities.docx
The Port Security Plan - Management of Tasks and Responsibilities.docxoreo10
 

Similar to Cyber Sec Project Proposal (20)

Airport security 2013 john mc carthy
Airport security 2013   john mc carthyAirport security 2013   john mc carthy
Airport security 2013 john mc carthy
 
Unit 7 Assignment Group Assignment – Risk Analysis and Ident
Unit 7 Assignment Group Assignment – Risk Analysis and IdentUnit 7 Assignment Group Assignment – Risk Analysis and Ident
Unit 7 Assignment Group Assignment – Risk Analysis and Ident
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
 
Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία
Maritime Cyber Security-Κυβερνοασφάλεια και ΝαυτιλίαMaritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία
Maritime Cyber Security-Κυβερνοασφάλεια και Ναυτιλία
 
Cyber-insurance and liability caps proposed as incentives by Department of Co...
Cyber-insurance and liability caps proposed as incentives by Department of Co...Cyber-insurance and liability caps proposed as incentives by Department of Co...
Cyber-insurance and liability caps proposed as incentives by Department of Co...
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
 
AGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White PaperAGEOS Infrastructure Cyber Security White Paper
AGEOS Infrastructure Cyber Security White Paper
 
Insa cyber intelligence 2011
Insa cyber intelligence 2011Insa cyber intelligence 2011
Insa cyber intelligence 2011
 
Journal of Business Continuity & Emergency Planning Volume 7 N.docx
Journal of Business Continuity & Emergency Planning Volume 7 N.docxJournal of Business Continuity & Emergency Planning Volume 7 N.docx
Journal of Business Continuity & Emergency Planning Volume 7 N.docx
 
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAMINFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
 
UCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptxUCISA cyber incident response toolkit.pptx
UCISA cyber incident response toolkit.pptx
 
Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)Wireless Security on Context (disponible en español)
Wireless Security on Context (disponible en español)
 
Internet
InternetInternet
Internet
 
expert tips
expert tipsexpert tips
expert tips
 
Ten Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things SecurityTen Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things Security
 
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
INDIAN NATIONAL CYBER SECURITY POLICY (NCSP-2013)
 
Data Safety And Security
Data Safety And SecurityData Safety And Security
Data Safety And Security
 
SIA-Q1-2016
SIA-Q1-2016SIA-Q1-2016
SIA-Q1-2016
 
Critical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation SectorCritical Infrastructure and Cybersecurity Transportation Sector
Critical Infrastructure and Cybersecurity Transportation Sector
 
The Port Security Plan - Management of Tasks and Responsibilities.docx
The Port Security Plan - Management of Tasks and Responsibilities.docxThe Port Security Plan - Management of Tasks and Responsibilities.docx
The Port Security Plan - Management of Tasks and Responsibilities.docx
 

Cyber Sec Project Proposal

  • 2. People are part of complex systems in the maritime environment; they inter- act with one another and computer systems in both creative and destructive ways. At every intersection of human and machine there is the possibility for error, manipulation, coercion or sedition.” - The Future of Maritime Cyber Security - Lan- caster University IT systems are crucial to the safe and efficient operation of modern vessels and to the functioning of the maritime industry in general. Increasingly complex systems enable a host of essential maritime operations, from navigation and propulsion to freight manage- ment and traffic control. Onboard systems include GPS, DP, AIS, ECDIS, Radar, autopilot etc. and control sys- tems for ballast, stability, engine and propulsion control, cargo handling etc. Advances in satellite technology mean these previously remote onboard systems are in- creasingly likely to have a permanent internet connection, with the potential for any device onboard the vessel to become a node of the on-shore corporate IT network. The 24hr availability of email, web browsers, cloud storage, network access, smartphones and the challenges of 'BYOD' all add to the complexities and the vulnerable gateways to our data. In addition to the equipment onboard vessels, there are similarly vulnerable systems lo- cated in ports, VTS centres, offshore installations, operators and manager’s offices and in numerous maritime support businesses and organisations. There are considerable risks to the safety and security of vessels, the security and reputa- tion of the owners and operators and risks to the movement of world trade should mari- time corporate IT networks become compromised. The act of compromise can be either deliberate and criminal, or unforeseen and accidental. Either way, the results can be equally widespread and potentially disasterous.
  • 3. The IMO propose that the subject be tackled using a process of Cyber Risk Management (CRM), covering safety, security and operational risks under one umbrella. This pro- ject will approach the subject from a similar viewpoint. Aims To mitigate the risk of exposure to cyber-vulnerabilities (deliberate or otherwise) by edu- cating those who have access to exposed IT systems and infrastructure, both onboard and shoreside. This will be achieved by giving a non-technical audience the knowledge to understand the risks, to know what to do to protect against these risks and what to do in response to a direct threat. During the development of this resource, the participating parties will form a working group to learn from the knowledge and experiences of each other to enhance their own internal procedures and systems for implementing a successful corporate CRM strategy. The final public output of the project will be to give practical guidance and advice on ‘Best Practices’ to those who may not have an IT background or training, enabling those at the sharp end to better support the work of the IT department in protecting the corporate net- work. For most companies, the greatest threat comes from the naivety of their own employees, on ship and shore. Awareness and good procedures can dramatically reduce the risk." - The Navigator, June 2016 Achieving the aims To achieve the stated aim, the working group will gather the latest in technical, security and behavioural knowledge and information and distil this into a series of practical ‘takeaways’ that can be easily understood and put into practice by a non-technical audi- ence. Fidra will then work with the creative team to create either a single film, or a series of ‘shorts’, that illustrate these points in a way that is both educational and entertaining to watch. It is only by achieving the second of these two goals that we have the greatest chance of the films being widely shared and the knowledge widely disseminated. 
If we are successful, the exposure will extend beyond the maritime industry. Fidra will work with the partners in the project and the maritime media outlets to ensure that as much publicity as possible is generated on release, using all available channels. Supporting materials could also be produced if these were felt to be of further benefit, in the form of guide notes and ‘best practice’ leaflets and posters (distributed as PDF docu- ments).
  • 4. Project structure The biggest risk is from employees using computer-based systems since security prevention mechanisms within the network itself are rarely imple- mented in the mistaken belief that perimeter defences are all that is required.” - Maritime Cyber Security White Paper - ESC Global Security The project will be developed by a working group consisting of a small number of interest- ed parties, primarily but not necessarily exclusively from the maritime domain. Led by Fid- ra, the group will assemble a body of technical knowledge and best practices that will then be handed over to a team of behavioural and creative specialists. A primary feature of this project is its collaborative nature, the sharing of information and ideas for the benefit of the group (internally/privately where deemed appropriate) and for the wider maritime community on release of the resource. The technical working group will be tasked with:  Assembling a body of reference materials and resources pertinent to the subject matter.  Identifying the most commonly encountered risks and vulnerabilities and those that have the greatest potential to cause damage.  Creating clear and unambiguous advice for a non-technical audience on ways to de- tect the presence of a risk, whether this be deliberate criminal activity or an internal system failure.  Creating clear advice suitable for a non-technical audience on appropriate measures to take in response to the presence of a potential threat to protect the network.  Collating a list of ‘Best Practices’ that should be adopted by all those with access to the corporate IT infrastructure.  Discussing and sharing, although not necessarily publicly disseminating, internal procedures and IT system defence policies and Best Practices from a more tech- nical perspective (suitable for corporate IT and security teams and management). The above is subject to discussion and amendment but is a logical starting point. 
Budget

The budget is yet to be defined, but will be agreed upon by all parties to the project prior to commissioning the creative team. The cost will be shared amongst those involved.

Fidra will not seek to sell or otherwise monetise the project following release, with the aim of achieving as widespread distribution as possible. This is the reason that the development, production and distribution budget must be raised from industry partners.

“However, if the loss, damage, or liability was caused either directly or indirectly by the use of a computer and its associated systems and software “as a means of inflicting harm,” such loss, damage, or liability would be excluded from coverage.” - Marsh & McLennan report
  • 5.

Fidra are in the process of encouraging a ‘headline sponsor’ who has an interest in raising their profile within the maritime industry. This business or organisation may be less involved with the creation of the content but will cover a significant proportion of the production budget in return for the publicity generated by the release of the film(s). With the sponsorship contribution it is envisaged that individual partners will invest somewhere in the region of £5k (+VAT) each.

“ESC Global Security recommends that companies operating in the maritime industries put cyber security awareness training at the top of the agenda for users of technology and computer resources. This is one of the most effective ways of reducing a company's exposure to cyber security threats and increases both detection and incident response at the same time.” - Maritime Cyber Security White Paper - ESC Global Security

While we are acutely aware of the financial position of many businesses in the maritime sector in these challenging times, we must be aware of the need to balance prudence with the ability to be creative and produce an effective resource. If the budget is too high, the project will languish as an idea that never came to fruition. If the budget is too low, we will be limited in what we can do and may fail our objectives by producing ‘just another training film’.

For those looking to get internal budget sign-off, it may help to spread the cost across HSEQ, Risk Management, IT and Marketing Dept. budgets, as each department stands to benefit. The sum invested in this project could be recouped if just one cyber-attack or failure can be avoided.

“It might be argued that the relatively low public profile of most marine businesses means they are less likely to be the subject of a cyber-attack than financial institutions, energy companies, public utilities, or airlines. That may be the case, but nevertheless, the threat is real, and the results of a successful attack could be catastrophic. Certainly, the lack of any inbuilt encryption or authentication code in the critical systems used for navigation on board ship means that shipping could be seen as a soft target, and that perception alone could be enough to provoke an attack.” - Marsh & McLennan report
  • 6. Resources & references

“Hackers working with a drug smuggling gang infiltrated the computerized cargo tracking system of the Port of Antwerp to identify the shipping containers in which consignments of drugs had been hidden. The gang then drove the containers from the port, retrieved the drugs and covered their tracks. The criminal activity continued for a two-year period from June 2011, until it was stopped by joint action by Belgium and Dutch police. Cyber criminals will continue to do the unexpected, and the nature of attacks of this sort will evolve.” - Marsh & McLennan report

- IMO document MSC 96/4/1 (4th Feb 2016): Measures to enhance maritime security - Guidelines for Cyber risk management
- IMO document MSC 96/4/2 (9th Feb 2016): Measures to enhance maritime security - Guidelines for Cyber risk management
- IMO document MSC 96/4/5 (8th March 2016): Measures to enhance maritime security - Measures aimed at improving cybersecurity on ships
- IMO document MSC 96/INF.4: Measures aimed at improving cybersecurity on a ship
- BIMCO: The Guidelines on Cyber Security Onboard Ships
- United States National Institute of Standards and Technology's Framework for Improving Critical Infrastructure Security (the NIST Framework)
- ENISA (European Network and Information Security Agency): Analysis of cyber security aspects in the maritime sector (Nov 2011)
- Lancaster University: The Future of Maritime Cyber Security
- Marsh & McLennan report: The risk of cyber-attack to the maritime industry
- NCC Group: Maritime cyber security: Threats & Opportunities
- ESCGS: Maritime Cyber Security White Paper
- AMMITEC: Cyber Security Awareness Guidelines
- The Navigator: June 2016 issue
- ABS: The application of cyber-security principles to marine and offshore operations
  • 7. Contact details

Interested parties should in the first instance contact Chris Young:

Chris Young MNI
Executive Producer
Fidra Films
Tel: +44 (0)7500 906 220
chris@fidragroup.com

“... it is important that security procedures and processes are in place so that operators know how to identify a potential security threat or have been trained to respond when a cyber attack is in process. Cyberspace was once just a way to communicate but now pretty much everything depends on it. Our critical infrastructures for energy, healthcare, banking, transportation and water are dependent on how well we protect and secure the systems and the data that controls them.” - Maritime Cyber Security White Paper - ESC Global Security

Fidra Films is a trading name of Fidra Group Ltd, a company registered in England and Wales No. 9864419, VAT Reg. No. 232197420

Project partners

To become a partner in this ground breaking project please contact us directly. See below for details. For reasons of project scale and collaborative logistics, places are strictly limited and will be offered on a first come first served basis.