SlideShare a Scribd company logo

4th ShipIT Conference, Athens

K
KostasGrivas1

Information Security in Shipping and ISO 27001

Presentations & Public Speaking
1 of 11
Download to read offline
InformationSecurity in Shipping and ISO 27001 Grivas Kostas 4th ShipIT Conference, Athens, September 26, 2018
Information System Domains in a Maritime Organization Shore Domain Vessel Domain
Shore Domain ✓ Disaster/Recover facilities ✓ Cloud Services ✓ Remote Management ✓ Mobile Access ✓ External Datacenters ✓ Suppliers’/Vendors’ Extranets ✓ Etc.
Vessel Domain InformationTechnology (IT) OperationTechnology (OT) ➢ Always ON connections ➢ Performance monitoring ➢ ECDIS ➢ Advanced M/E ➢ Computer driven OT systems ➢ Crew welfare ➢ Wi-Fi ➢ Etc.
Information Security Landscape
Compliance requirements ▪ TMSA 3 (Tanker Management & Self-Assessment) ▪ EU NIS DIRECTIVE (2016/1148) (Network & Information Systems) ▪ EU GDPR ▪ SIRE VIQ ver.7 (Vessel Inspection Questionnaire) ▪ IMO MSC.1 / Circ. 1526 ▪ IMO MSC 98/5/2 ▪ Guidelines by BIMCO, DNV-GL, ABS, UK IET, etc.
TheChallenge Organization’s Strategy and Security Objectives
TheChallenge (cont.) Information Security Security Service A Malware Protection Security Service B Perimeter Protection Recomme ndation A Recomme ndation B GAP GAP GAP
The Plan 1. Context of the Organization 2. Leadership - Policy 3. Planning 4. Support 5. Operation 6. Performance evaluation 7. Improvement ISO 27001:2013 Requirements
The Plan (cont.) KEY POINTS FOR ANALYSIS ISO 27001:2013 DOMAINS A8 A9 A11 A13 A10 A15 A7 A12 A17 A16 A14 A18 A5 A6
Conclusion The establishment, implementation and improvement of an Information Security plan requires a solid and robust framework. ISO 27001:2013 contains all the necessary key points to develop such a plan. Even if the organization decide not to acquire the certification, following ISO’s clauses will be beneficial. On the other hand, the certification can: 1. Provide Competitive advantage 2. Enhance Customer’s confidence 3. Prove commitment to data and privacy protection 4. Increase legislative and regulatory compliance 5. Improve organization’s security 6. Manage Information Security Risks effectively.

Recommended

PCI Compliance certificate
PCI Compliance certificatePCI Compliance certificate
PCI Compliance certificate
Abu Taher (ITIL Certified Technician)
 
Robert Bell
Robert BellRobert Bell
Robert Bell
Sabrina Downey
 
C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...
C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...
C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...
PROFIBUS and PROFINET InternationaI - PI UK
 
20th kabandconference 2014_lisi_v03
20th kabandconference 2014_lisi_v0320th kabandconference 2014_lisi_v03
20th kabandconference 2014_lisi_v03
Marco Lisi
 
Lecture maritime ict - salwa
Lecture maritime ict - salwaLecture maritime ict - salwa
Lecture maritime ict - salwa
Universiti Utara Malaysia
 
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Angeloluca Barba
 
presentations-amp_imo_presentation
presentations-amp_imo_presentationpresentations-amp_imo_presentation
presentations-amp_imo_presentation
Jeff Douglas
 
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...
Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (ΕΛΙΣΜΕ)
 

Recommended

PCI Compliance certificate
PCI Compliance certificatePCI Compliance certificate
PCI Compliance certificate
Abu Taher (ITIL Certified Technician)
 
Robert Bell
Robert BellRobert Bell
Robert Bell
Sabrina Downey
 
C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...
C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...
C09 Profibus and Profinet in a safety related system - Mark Carter, BAE Sys...
PROFIBUS and PROFINET InternationaI - PI UK
 
20th kabandconference 2014_lisi_v03
20th kabandconference 2014_lisi_v0320th kabandconference 2014_lisi_v03
20th kabandconference 2014_lisi_v03
Marco Lisi
 
Lecture maritime ict - salwa
Lecture maritime ict - salwaLecture maritime ict - salwa
Lecture maritime ict - salwa
Universiti Utara Malaysia
 
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca BarbaEvolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Evolutionary ATM & Cyber Security - Selex ES - Angeloluca Barba
Angeloluca Barba
 
presentations-amp_imo_presentation
presentations-amp_imo_presentationpresentations-amp_imo_presentation
presentations-amp_imo_presentation
Jeff Douglas
 
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181126 2.1 Κωνσταντίνος Μέλλος «Αντιμετωπίζοντας τις Σύγχρονες...
Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (ΕΛΙΣΜΕ)
 
USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)
USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)
USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)
Sharat Sawhney
 
DIGITALISATION IN SHIPPING & LOGISTICS
DIGITALISATION IN SHIPPING & LOGISTICSDIGITALISATION IN SHIPPING & LOGISTICS
DIGITALISATION IN SHIPPING & LOGISTICS
rohith30
 
CSFI_ATC_Cyber_Security_Project
CSFI_ATC_Cyber_Security_ProjectCSFI_ATC_Cyber_Security_Project
CSFI_ATC_Cyber_Security_Project
Ben Othman
 
Maritime Security Challenge - Thales
Maritime Security Challenge - Thales Maritime Security Challenge - Thales
Maritime Security Challenge - Thales
Digital Catapult
 
CSI capsize - salvage
CSI capsize - salvageCSI capsize - salvage
CSI capsize - salvage
CargoTrax Singapore Pte Ltd
 
EMRN Company Presentation 2018
EMRN Company Presentation 2018EMRN Company Presentation 2018
EMRN Company Presentation 2018
RedChip Companies, Inc.
 
eMARINE Global Presentation
eMARINE Global PresentationeMARINE Global Presentation
eMARINE Global Presentation
RedChip Companies, Inc.
 
SecureCloud - Concertation Meeting EUBrasilCloudFORUM
SecureCloud - Concertation Meeting EUBrasilCloudFORUMSecureCloud - Concertation Meeting EUBrasilCloudFORUM
SecureCloud - Concertation Meeting EUBrasilCloudFORUM
EUBrasilCloudFORUM .
 
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...
Ελληνικό Ινστιτούτο Στρατηγικών Μελετών (ΕΛΙΣΜΕ)
 
EGNSS for robots - GSA special prize
EGNSS for robots - GSA special prizeEGNSS for robots - GSA special prize
EGNSS for robots - GSA special prize
The European GNSS Agency (GSA)
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
Jim Stockstill
 
Sikkerhet og tillit for samhandling mellom skip og land
Sikkerhet og tillit for samhandling mellom skip og land Sikkerhet og tillit for samhandling mellom skip og land
Sikkerhet og tillit for samhandling mellom skip og land
Kjetil Nordby
 
INMARSAT - I SSPI Day 2017
INMARSAT - I SSPI Day 2017INMARSAT - I SSPI Day 2017
INMARSAT - I SSPI Day 2017
SSPI Brasil
 
cargo containers pilferage
cargo containers pilferagecargo containers pilferage
cargo containers pilferage
Devanshu Suman
 
Activities of Smart Ship Application Platform 2 Project (SSAP2)
Activities of Smart Ship Application Platform 2 Project (SSAP2)Activities of Smart Ship Application Platform 2 Project (SSAP2)
Activities of Smart Ship Application Platform 2 Project (SSAP2)
MTI Co., Ltd.
 
Airbus, an industrial take on EUREKA Clusters
Airbus, an industrial take on EUREKA ClustersAirbus, an industrial take on EUREKA Clusters
Airbus, an industrial take on EUREKA Clusters
EUREKA Secretariat
 
Nextgen
NextgenNextgen
Nextgen
Michele Thomas
 
Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
DefCamp
 
AIDRC_Smart_Ports_MENA_vFINAL_withRef.pdf
AIDRC_Smart_Ports_MENA_vFINAL_withRef.pdfAIDRC_Smart_Ports_MENA_vFINAL_withRef.pdf
AIDRC_Smart_Ports_MENA_vFINAL_withRef.pdf
Thierry Lestable
 
SGD 2016 - Introduction
SGD 2016 - IntroductionSGD 2016 - Introduction
SGD 2016 - Introduction
SESAR Joint Undertaking
 
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdfMicrosoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
SkillCertProExams
 
"I hear you": Moving beyond empathy in UXR
"I hear you": Moving beyond empathy in UXR"I hear you": Moving beyond empathy in UXR
"I hear you": Moving beyond empathy in UXR
Megan Campos
 

More Related Content

Similar to 4th ShipIT Conference, Athens

CSFI_ATC_Cyber_Security_Project
CSFI_ATC_Cyber_Security_ProjectCSFI_ATC_Cyber_Security_Project
CSFI_ATC_Cyber_Security_Project
Ben Othman
 
EGNSS for robots - GSA special prize
EGNSS for robots - GSA special prizeEGNSS for robots - GSA special prize
EGNSS for robots - GSA special prize
The European GNSS Agency (GSA)
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
Jim Stockstill
 

Similar to 4th ShipIT Conference, Athens (20)

USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)
USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)
USECASE OF SHORT RANGE DEVICES (SRDs) AND ULTRA WIDE BAND (UWB)
 
DIGITALISATION IN SHIPPING & LOGISTICS
DIGITALISATION IN SHIPPING & LOGISTICSDIGITALISATION IN SHIPPING & LOGISTICS
DIGITALISATION IN SHIPPING & LOGISTICS
 
CSFI_ATC_Cyber_Security_Project
CSFI_ATC_Cyber_Security_ProjectCSFI_ATC_Cyber_Security_Project
CSFI_ATC_Cyber_Security_Project
 
Maritime Security Challenge - Thales
Maritime Security Challenge - Thales Maritime Security Challenge - Thales
Maritime Security Challenge - Thales
 
CSI capsize - salvage
CSI capsize - salvageCSI capsize - salvage
CSI capsize - salvage
 
EMRN Company Presentation 2018
EMRN Company Presentation 2018EMRN Company Presentation 2018
EMRN Company Presentation 2018
 
eMARINE Global Presentation
eMARINE Global PresentationeMARINE Global Presentation
eMARINE Global Presentation
 
SecureCloud - Concertation Meeting EUBrasilCloudFORUM
SecureCloud - Concertation Meeting EUBrasilCloudFORUMSecureCloud - Concertation Meeting EUBrasilCloudFORUM
SecureCloud - Concertation Meeting EUBrasilCloudFORUM
 
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...
ΕΛΙΣΜΕ ΓΕΕΘΑ 20181127 2.2 Δημήτρης Παπαγεωργίου «Χρήση ΜΕΣ από τις Ε.Δ. και τ...
 
EGNSS for robots - GSA special prize
EGNSS for robots - GSA special prizeEGNSS for robots - GSA special prize
EGNSS for robots - GSA special prize
 
2013 Basic Presentation-A
2013 Basic Presentation-A2013 Basic Presentation-A
2013 Basic Presentation-A
 
Sikkerhet og tillit for samhandling mellom skip og land
Sikkerhet og tillit for samhandling mellom skip og land Sikkerhet og tillit for samhandling mellom skip og land
Sikkerhet og tillit for samhandling mellom skip og land
 
INMARSAT - I SSPI Day 2017
INMARSAT - I SSPI Day 2017INMARSAT - I SSPI Day 2017
INMARSAT - I SSPI Day 2017
 
cargo containers pilferage
cargo containers pilferagecargo containers pilferage
cargo containers pilferage
 
Activities of Smart Ship Application Platform 2 Project (SSAP2)
Activities of Smart Ship Application Platform 2 Project (SSAP2)Activities of Smart Ship Application Platform 2 Project (SSAP2)
Activities of Smart Ship Application Platform 2 Project (SSAP2)
 
Airbus, an industrial take on EUREKA Clusters
Airbus, an industrial take on EUREKA ClustersAirbus, an industrial take on EUREKA Clusters
Airbus, an industrial take on EUREKA Clusters
 
Nextgen
NextgenNextgen
Nextgen
 
Remote Yacht Hacking
Remote Yacht HackingRemote Yacht Hacking
Remote Yacht Hacking
 
AIDRC_Smart_Ports_MENA_vFINAL_withRef.pdf
AIDRC_Smart_Ports_MENA_vFINAL_withRef.pdfAIDRC_Smart_Ports_MENA_vFINAL_withRef.pdf
AIDRC_Smart_Ports_MENA_vFINAL_withRef.pdf
 
SGD 2016 - Introduction
SGD 2016 - IntroductionSGD 2016 - Introduction
SGD 2016 - Introduction
 

Recently uploaded

"I hear you": Moving beyond empathy in UXR
"I hear you": Moving beyond empathy in UXR"I hear you": Moving beyond empathy in UXR
"I hear you": Moving beyond empathy in UXR
Megan Campos
 
The Concession of Asaba International Airport: Balancing Politics and Policy ...
The Concession of Asaba International Airport: Balancing Politics and Policy ...The Concession of Asaba International Airport: Balancing Politics and Policy ...
The Concession of Asaba International Airport: Balancing Politics and Policy ...
Kayode Fayemi
 

Recently uploaded (14)

Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdfMicrosoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
 
"I hear you": Moving beyond empathy in UXR
"I hear you": Moving beyond empathy in UXR"I hear you": Moving beyond empathy in UXR
"I hear you": Moving beyond empathy in UXR
 
The Concession of Asaba International Airport: Balancing Politics and Policy ...
The Concession of Asaba International Airport: Balancing Politics and Policy ...The Concession of Asaba International Airport: Balancing Politics and Policy ...
The Concession of Asaba International Airport: Balancing Politics and Policy ...
 
Databricks Machine Learning Associate Exam Dumps 2024.pdf
Databricks Machine Learning Associate Exam Dumps 2024.pdfDatabricks Machine Learning Associate Exam Dumps 2024.pdf
Databricks Machine Learning Associate Exam Dumps 2024.pdf
 
TSM unit 5 Toxicokinetics seminar by Ansari Aashif Raza.pptx
TSM unit 5 Toxicokinetics seminar by Ansari Aashif Raza.pptxTSM unit 5 Toxicokinetics seminar by Ansari Aashif Raza.pptx
TSM unit 5 Toxicokinetics seminar by Ansari Aashif Raza.pptx
 
2024-05-15-Surat Meetup-Hyperautomation.pptx
2024-05-15-Surat Meetup-Hyperautomation.pptx2024-05-15-Surat Meetup-Hyperautomation.pptx
2024-05-15-Surat Meetup-Hyperautomation.pptx
 
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINESBIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
 
SaaStr Workshop Wednesday with CEO of Guru
SaaStr Workshop Wednesday with CEO of GuruSaaStr Workshop Wednesday with CEO of Guru
SaaStr Workshop Wednesday with CEO of Guru
 
Modernizing The Transport System:Dhaka Metro Rail
Modernizing The Transport System:Dhaka Metro RailModernizing The Transport System:Dhaka Metro Rail
Modernizing The Transport System:Dhaka Metro Rail
 
2024 mega trends for the digital workplace - FINAL.pdf
2024 mega trends for the digital workplace - FINAL.pdf2024 mega trends for the digital workplace - FINAL.pdf
2024 mega trends for the digital workplace - FINAL.pdf
 
Using AI to boost productivity for developers
Using AI to boost productivity for developersUsing AI to boost productivity for developers
Using AI to boost productivity for developers
 
Abortion Pills Fahaheel ௹+918133066128💬@ Safe and Effective Mifepristion and ...
Abortion Pills Fahaheel ௹+918133066128💬@ Safe and Effective Mifepristion and ...Abortion Pills Fahaheel ௹+918133066128💬@ Safe and Effective Mifepristion and ...
Abortion Pills Fahaheel ௹+918133066128💬@ Safe and Effective Mifepristion and ...
 
STM valmiusseminaari 26-04-2024 PUUMALAINEN Ajankohtaista kansainvälisestä yh...
STM valmiusseminaari 26-04-2024 PUUMALAINEN Ajankohtaista kansainvälisestä yh...STM valmiusseminaari 26-04-2024 PUUMALAINEN Ajankohtaista kansainvälisestä yh...
STM valmiusseminaari 26-04-2024 PUUMALAINEN Ajankohtaista kansainvälisestä yh...
 
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINESBIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES
 

4th ShipIT Conference, Athens