Abstract
The International Maritime Organization (IMO) published the Guidelines on Maritime Cyber Risk Management in 2017 to strengthen cybersecurity in consideration of digitalized ships. As part of these guidelines, the IMO recommends that each flag state should integrate and manage matters regarding cyber risk in the ship safety management system (SMS) according to the International Safety Management Code (ISM Code) before the first annual verification that takes place on or after 1 January 2021. The purpose of this paper is to identify cybersecurity risk components in the maritime sector that should be managed by the SMS in 2021 and to derive priorities for vulnerability improvement plans through itemized risk assessment. To this end, qualitative risk assessment (RA) was carried out for administrative, technical, and physical security risk components based on industry and international standards, which were additionally presented in the IMO guidelines. Based on the risk matrix from the RA analysis results, a survey on improving cybersecurity vulnerabilities in the maritime sector was conducted, and the analytic hierarchy process was used to analyze the results and derive improvement plan priority measures.
Funder
Korea Maritime Institute
Ministry of Oceans and Fisheries
Subject
Ocean Engineering,Water Science and Technology,Civil and Structural Engineering
Reference60 articles.
1. A Taxonomy Framework for Maritime Cybersecurity: A Demonstration Using the Automatic Identification System
2. 2018 Cybersecurity Predictions: A Shift to Managing Cyber as an Enterprise Risk,2018
3. 2018 Annual Cybersecurity Report,2018
Cited by
9 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献