Maritime Cyber Security Advanced & ISO 27001

Every business in the marine industry holds confidential data, and as cyber-attacks become more common every day, leaving this information exposed can be a serious threat to an organization’s stability. Due to the increasing use of digital systems and embedded software on vessels, cyber security is now crucial not only for data protection but also for the operations of the ship and the company. The ISO 27001:2013 standard sets the grounds for the security of such information and is thus highly beneficial for the protection of an organization.

Train your crew and personnel on the importance of Cyber Security risks and on how to prepare effective measures on board and ashore. Reduce your information security risks and gain trust by demonstrating your commitment to information security to partners with our "Maritime Cyber Security & ISO 27001 Awareness" e-course.

This LiberoAssurance Training Centre e-course was developed to familiarise participants with the principles and key concepts of Maritime Cyber Security & ISO 27001 requirements.

 

Aims & Objectives
  • Provide the key principles related to Cyber Security and Information Security and specify the important factors for the prevention of Cyber Attacks in the maritime industry (Shipping Companies and Ports)
  • Give an overview of the general procedure and various methods used by criminals to bypass your security
  • Provide an overview of the general procedures and methods used to conduct Cyber Risk Marine Assessment and Cyber Risk Analysis
  • Provide Case studies for Ports & Vessels
  • Outline the key requirements, structure and benefits of ISO 27001:2013
  • Outline additional information security controls in relation to relevant standards such as ISO 27002, 27018, 27701, 29100 and GDPR

 

Learning Outcomes

Having successfully completed this course you will be able to:

  • Address Marine Cyber Security threats
  • Prepare your company’s or organization’s personnel and crew for Cyber Security risks
  • Demonstrate understanding of Cyber Security risk management in a shipping company and port
  • Create an effective marine Cyber risk assessment and plan, and follow risk assessment & analysis procedures
  • Implement Cyber and Information Security Control Measures
  • Assess and improve your organization’s ISMS
  • Interpret the ISO 27001 requirements to the needs of your organization

 

Who should attend?
  • Employees who use software, emails, devices, and network services within any size and type of a shipping company, port or port facility
  • Those involved in the planning, implementing, maintaining or supervising ISO 27001:2013 ISMS

 

Prerequisite skills & knowledge: Basic knowledge of ISM & ISPS is recommended
 
Available in-house/distant learning? Yes
 
Created by: LiberoAssurance Continuous Professional Development Training Centre Level 1 – Accredited by Univab

 

PART A: Maritime Cyber Security Advanced
Introduction to Maritime Cyber Security
  • What is Maritime Cyber Security?
  • IT and OT systems
  • IMO related Resolutions, Circulars and Guidelines
  • Industry Guidance on Maritime Cyber Security
Cyber Security Risks
  • ISM/ISPS – Identified Risks
    • Company risk assessment procedure
    • Third party risk assessments
    • Risks related to Ship-Port interface
    • Recent cyber security regulations
  • Assessment of Identified Cyber Risks
    • Identify threats
    • Identify Vulnerabilities
    • Risk Calculation
    • Risk Mitigation (corrective/preventive measures)
    • Cyber Security Awareness & Training
Cyber Security Plan
  • Incident Management
  • Emergency Preparation
  • Steps for cyber security plan preparation
  • Check your Cyber Security Status
    • Questions & Answers
    • Check your IT applicant
    • Proposed Procedural & Controls
    • Immediate Actions
Case Studies
  • Vessel Cyber Attack
    • How a shipping Company named “Shco” defeated a cyber attack
    • US facing Vessel Cyber Attacks
  • Port Facility Cyber Attack
    • COSCO Shipping Lines Falls Victim to Cyber Attack
    • Maersk Hit by Cyber Attack
    • San Diego Hit by Cyber Attack
    • Austal Falls Victim to Cyber Attack
 
PART B: ISO 27001 Requirements
Overview
  • Management Systems
  • Goals of a Management System
  • ISO 27001:2013 Structure
Clauses 0-3
  • Introduction
  • Scope
  • Normative references
  • Terms and definitions
Context of the organization
  • Introduction to company’s context
  • Understanding the organization, its context and interested parties
  • Scope of the ISMS
  • SWOT & PEST Analysis
Leadership
  • Leadership and commitment
  • Information Security Policy
  • Organizational roles, responsibilities and authorities
Planning
  • Actions to address risks and opportunities
  • Information security objectives and planning to achieve them
Support
  • Resources
  • Competence
  • Awareness
  • Communication
  • Documented information
Operation
  • Operational planning and control
  • Information security risk assessment & treatment
Performance evaluation (Monitoring and Evaluation)
  • Monitoring, measurement, analysis and evaluation
  • Internal audit
  • Management review
Improvement
  • Nonconformity & corrective action
  • Continual improvement
Annex A - Control objectives and controls
 
PART C: Information Security Additional Controls
Introduction to additional controls
  • About ISO 27001:2013 – Annex A
  • Scope of ISO 27701:2019
  • Personally Identifiable Information (PII)
ISO 27701:2019 Annexes
  • ISO 27701 Annex Summary
  • Annex A: PIMS-specific reference control objectives and controls (PII Controllers)
  • Annex B: PIMS-specific reference control objectives and controls (PII Processors)
  • Annex C: Mapping to ISO/IEC 29100
  • Annex D: Mapping to the General Data Protection Regulation
  • Annex E: Mapping to ISO/IEC 27018 and ISO/IEC 29151
  • Annex F: How to apply ISO/IEC 27701 to ISO/IEC 27001 and ISO/IEC 27002
Practical Risk Proposal
 
Exam & Certification
  • Exam on Maritime Cyber Security Advanced and ISO 27001:2013
  • Maritime Cyber Security Advanced and ISO 27001:2013 e-Certificate
Teaching Methods
  • Detailed seminar presentations (available for download)
  • Terms and definitions
  • No. of slides: 353

 

Resources
  • Reading list & Resources: Available in the presentations

 

Study time allocation
  • Private study hours: 41
  • Trainer contact hours: Availability and competence of instructors upon request
  • Enrollment Duration: 90 days (starting from the date of purchase)
 
Credits
  • CPD Points: 41
  • ECTS/ECVET Points: 1.4

 

| Assessment methods | Hours | % contribution to final mark | % minimum passing grade |
| --- | --- | --- | --- |
| Exam on Maritime Cyber Security Advanced and ISO 27001:2013 | 1 | 100 | 60 |

Outcomes/Certificates

On successful completion of the course assessment, participants will be issued with a ‘Certificate of Success’

 

 
Maritime Cyber Security Advanced & ISO 27001

230,00 € each




© Copyright LiberoGroup  All rights reserved.