TY - GEN
T1 - Forensic readiness within the maritime sector
AU - Tam, Kimberly
AU - Jones, Kevin
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/6
Y1 - 2019/6
N2 - Forensic investigation is an essential response strategy following a cyber-related incident, and forensic readiness is the capability to gather critical digital information and maximize its use as evidence. The effectiveness of this data is highly dependent on the readiness, quality, and trustworthiness of the data itself. Far from a passive post-analysis tool, there have been many instances where an organization has benefited from gathering, and using, digital evidence to improve their cyber-security and mitigate future incidents. This article examines the forensic readiness of the maritime sector, a core component of global trade and a unique combination of information/operational technology and people, to understand its investigation and mitigation capabilities. Once the readiness of maritime forensic investigation has been better understood, by comparing it to other sectors and using risk scenarios, this paper proposes actions toward improvement. These steps are built from established attempts to increase investigation capabilities and improve maritime cyber-security, but address the maritime sector specifically.
AB - Forensic investigation is an essential response strategy following a cyber-related incident, and forensic readiness is the capability to gather critical digital information and maximize its use as evidence. The effectiveness of this data is highly dependent on the readiness, quality, and trustworthiness of the data itself. Far from a passive post-analysis tool, there have been many instances where an organization has benefited from gathering, and using, digital evidence to improve their cyber-security and mitigate future incidents. This article examines the forensic readiness of the maritime sector, a core component of global trade and a unique combination of information/operational technology and people, to understand its investigation and mitigation capabilities. Once the readiness of maritime forensic investigation has been better understood, by comparing it to other sectors and using risk scenarios, this paper proposes actions toward improvement. These steps are built from established attempts to increase investigation capabilities and improve maritime cyber-security, but address the maritime sector specifically.
KW - Cyber
KW - Forensic readiness
KW - Maritime
KW - Risk
UR - http://www.scopus.com/inward/record.url?scp=85075905166&partnerID=8YFLogxK
U2 - 10.1109/CyberSA.2019.8899642
DO - 10.1109/CyberSA.2019.8899642
M3 - Conference proceedings published in a book
AN - SCOPUS:85075905166
T3 - 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
BT - 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019
Y2 - 3 June 2019 through 4 June 2019
ER -