Abstract
Standard risk assessments are used to define and prioritize threats within a
sector. However, the rising number of cybersecurity risks in maritime are
often temperamental to a range of environmental, technical, and social
factors. A change during an incident can significantly alter the risks and,
consequently, the incident outcomes. Therefore, agile, changing risk profiles
are becoming more necessary in the modern world. In addition to static and
dynamic, maritime operational risks can be affected by cyber, cyber-physical,
or physical elements. This demonstrates the equal use of information and
operational technology (IT/OT); however, most quantitative risk assessment
frameworks focus on one or the other. This is not ideal, based on
technological trends in the maritime sector. This article explores the factors
that affect maritime cyber-risk and examines popular risk frameworks to see
whether important maritime-related elements are unaccounted for. These
findings are further examined with the results of a survey we conducted to
assess the situational awareness of the sector around cyber-risks in maritime.
Suggestions for future work on are then made based on our findings.
Original language | English |
---|---|
Pages (from-to) | 40-68 |
Number of pages | 0 |
Journal | International Journal on Cyber Situational Awareness |
Volume | 4 |
Issue number | 1 |
Early online date | 2 Dec 2019 |
DOIs | |
Publication status | Published - 2 Dec 2019 |