TY - GEN
T1 - Factors affecting cyber risk in maritime
AU - Tam, Kimberly
AU - Jones, Kevin
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/6
Y1 - 2019/6
N2 - To ensure the safety of ships and ports, groups and individuals, at all levels of the maritime sector, use analysis to identify potential hazards and their outcomes. One of the most relied upon methods is using a risk assessment tool to define and prioritise threats. A disadvantage of most existing assessment frameworks, however, is their inability to update risks dynamically as factors, such as the environment, change. In the maritime sector, a range of dynamic factors is needed to measure risks, but most conventional frameworks are unable to use them to revise and update their risk profiles. In addition to static and dynamic, maritime operational risks can be affected by elements classified as cyber, cyber-physical, or physical in nature. This demonstrates the relatively equal presence of information and operational technology (i.e. IT/OT) used, however most quantitative risk assessment frameworks are normally limited to one or the other. This article explores the full range of cyber-related risk factor types within maritime in order to evaluate applicable risk frameworks and suggest improvements that could help each of those tools assess maritime-cyber risks specifically.
AB - To ensure the safety of ships and ports, groups and individuals, at all levels of the maritime sector, use analysis to identify potential hazards and their outcomes. One of the most relied upon methods is using a risk assessment tool to define and prioritise threats. A disadvantage of most existing assessment frameworks, however, is their inability to update risks dynamically as factors, such as the environment, change. In the maritime sector, a range of dynamic factors is needed to measure risks, but most conventional frameworks are unable to use them to revise and update their risk profiles. In addition to static and dynamic, maritime operational risks can be affected by elements classified as cyber, cyber-physical, or physical in nature. This demonstrates the relatively equal presence of information and operational technology (i.e. IT/OT) used, however most quantitative risk assessment frameworks are normally limited to one or the other. This article explores the full range of cyber-related risk factor types within maritime in order to evaluate applicable risk frameworks and suggest improvements that could help each of those tools assess maritime-cyber risks specifically.
KW - Cyber
KW - Cyber-physical
KW - Dynamic
KW - Maritime
KW - Risk
UR - http://www.scopus.com/inward/record.url?scp=85075897548&partnerID=8YFLogxK
U2 - 10.1109/CyberSA.2019.8899382
DO - 10.1109/CyberSA.2019.8899382
M3 - Conference proceedings published in a book
AN - SCOPUS:85075897548
T3 - 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
BT - 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
Y2 - 3 June 2019 through 4 June 2019
ER -