CERP: A Maritime Cyber Risk Decision Making Tool

E. Erstad, R. Hopcraft, J. D. Palbar, K. Tam

Research output: Contribution to journalArticlepeer-review

9 Downloads (Pure)

Abstract

An increase in the complexity of systems onboard ships in the last decade has seen a rise in the number of reported maritime cyber-attacks. To tackle this rising risk the International Maritime Organization published high-level requirements for cyber risk management in 2017. These requirements obligate organisations to establish procedures, like incident response plans, to manage cyber-incidents. However, there is currently no standardised framework for this implementation. This paper proposes a Cyber Emergency Response Procedure (CERP), that provides a framework for organisations to better facilitate their crew’s response to a cyber-incident that is considerate of their operational environment. Based on an operations flowchart, the CERP provides a step-by-step procedure that guides a crew’s decision-making process in the face of a cyber-incident. This high-level framework provides a blueprint for organisations to develop their own cyber-incident response procedures that are considerate of operational constraints, existing incident procedures and the complexity of modern maritime systems.
Original languageEnglish
Number of pages0
JournalTransNav: International Journal on Marine Navigation and Safety of Sea Transportation
Volume17
Issue number2
Early online date1 Jun 2023
DOIs
Publication statusPublished - 1 Jun 2023

Fingerprint

Dive into the research topics of 'CERP: A Maritime Cyber Risk Decision Making Tool'. Together they form a unique fingerprint.

Cite this