TY - JOUR
T1 - The use of cyber ranges in the maritime context
T2 - Assessing maritime-cyber risks, raising awareness, and providing training
AU - Tam, Kimberly
AU - Moara-Nkwe, Kemedi
AU - Jones, Kevin D.
N1 - Publisher Copyright:
© 2021, Kasetsart University Faculty of International Maritime Studies. All rights reserved.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - A good defensive strategy against evolving cyber threats and cybercrimes is to raise awareness and use that awareness to prepare technical mitigation and human defense strategies. A prime way to do this is through training. While there are already many sectors employing this strategy (e.g., space, smart buildings, business IT), the maritime sector has yet to take advantage of the available cyber-range technology to assess cyber risks and create appropriate training to meet those risks. Cyber security training can come in 2 forms; the first is so security professionals can raise their awareness on the latest and most urgent issues and increase defense skill levels, and the second form is directed at non-security professionals (e.g., ship builders, crew) and the general public, who are just as affected by cyber threats, but may not have the necessary security background to deal with the issues. Conducting training programs for both requires dedicated computing infrastructure to simulate and execute effective scenarios for both sets of trainees. To this end, a cyberrange (CR) provides an environment for just that. The purpose of this paper is to use studies on the concept of cyber ranges to provide evidence for why the maritime sector should embrace this technology for maritime-cyber training, and envision how they will provide maritime risk assessment and raise awareness to combat tomorrow’s threats.
AB - A good defensive strategy against evolving cyber threats and cybercrimes is to raise awareness and use that awareness to prepare technical mitigation and human defense strategies. A prime way to do this is through training. While there are already many sectors employing this strategy (e.g., space, smart buildings, business IT), the maritime sector has yet to take advantage of the available cyber-range technology to assess cyber risks and create appropriate training to meet those risks. Cyber security training can come in 2 forms; the first is so security professionals can raise their awareness on the latest and most urgent issues and increase defense skill levels, and the second form is directed at non-security professionals (e.g., ship builders, crew) and the general public, who are just as affected by cyber threats, but may not have the necessary security background to deal with the issues. Conducting training programs for both requires dedicated computing infrastructure to simulate and execute effective scenarios for both sets of trainees. To this end, a cyberrange (CR) provides an environment for just that. The purpose of this paper is to use studies on the concept of cyber ranges to provide evidence for why the maritime sector should embrace this technology for maritime-cyber training, and envision how they will provide maritime risk assessment and raise awareness to combat tomorrow’s threats.
KW - Cyber range
KW - Maritime
KW - Risk assessment
KW - Training
UR - http://www.scopus.com/inward/record.url?scp=85184875175&partnerID=8YFLogxK
U2 - 10.33175/mtr.2021.241410
DO - 10.33175/mtr.2021.241410
M3 - Article
AN - SCOPUS:85184875175
SN - 2651-205X
VL - 3
SP - 16
EP - 30
JO - Maritime Technology and Research
JF - Maritime Technology and Research
IS - 1
ER -