с 9:00 до 19:00
Каталог

Cyber Security Workbook for On Board Ship Use

Артикул: 00-01058291
в желания Под заказ
Издательство: International Chamber Of Shipping (все книги издательства)
Место издания: London
ISBN: 978--1-914993-67-1
Год: 2024
Переплет: Твердая обложка
Страниц: 191
Вес: 605 г
Товар будет заказан у поставщика.
Мы не можем гарантировать его наличие и поступление на наш склад по указанной цене
67500 P
-
+

Издание на английском языке
Книга представляет собой папку на пружине
Harvesting the toll potential of data gathering with the implementation of digital technologies and improved connectivity can certainly bring commercial benefits. However, in parallel, cyber criminals are refining their methods and developing techniques that cause disruptions to business and create hazardous situations for ships, their crew, the environment and the cargo.
Building on the latest Guidelines on Cyber Security Onboard Ships (version 4), the Cyber Security Workbook for On Board Ship Use goes one step further and translates the high-level guidelines into operational tools and checklists for use on board ships. The Workbook is an indispensable complement to the Guidelines and is highly recommended reading for ship officers and shore staff with a cyber security risk management role.

Contents
Foreword
Abbreviations/Definitions
Acknowledgements
Section 1 - Introduction
1.1 Cyber Security Risk Management - IMO Requirements and Guidelines
1.1.1 Additional Guidance
1.1.2 Regional Regulatory Guidelines
1.2 Cyber Outlook for Shipping
1.3 Purpose of this Workbook
1.4 Checklists
1.5 Designated Roles and Responsibilities
Part One- Onboard Practical Considerations
Section 2 - Identifying Risks
2.1 Vulnerable Ship Systems
2.2 What is a Maritime Cyber Attack?
2.3 Threats
2.3.1 Types of Cyber Attack
2.3.2 Social Engineering
2.3.3 Ransomware
Section 3 - Protection, Prevention and Training
3.1 Prevention of Malware Attacks
3.2 Software Updates
3.2.1 Updating Programs that are not Part of the Operating System
3.3 Endpoint Protection/Security Suite
3.3.1 Endpoint Protection Updates
3.3.2 Checking Whether the Endpoint Protection Suite is up to Date
3.4 Passwords
3.4.1 Creating Passwords
3.4.2 Password Length
3.4.3 Managing Passwords
3.4.4 Handover of Passwords
3.4.5 Passkeys
3.4.6 User Names
3.5 Cyber Security and the SMS
3.5.1 Cyber Security and the Ship Security Plan (SSP)
3.6 Crew Considerations and Training
3.6.1 Key Aspects of Crew Training
3.6.2 Cyber Security Familiarisation for Crew
3.6.3 Training for Non-crewmembers
3.6.4 Designing a Training Programme
3.6.5 Unintentional Cyber Breaches by the Crew
3.6.6 Planning a Crew Training Session
3.6.7 Cyber Security Drills
3.6.8 Social Media
3.6.9 Travelling in Cyber Safe Mode
3.7 Ship Inspections and Port State Control
3.7.1 Port State Control Inspections
3.7.2 Other Inspections
Section 4 - Detect, Respond and Recover: General Principles
4.1 Detecting a Cyber Incident
4.1.1 Introduction
4.1.2 Useful Tools Available to Help Detect Possible Malware
4.2 Incident Response
4.2.1 Third-party Support
4.2.2 Cyber Recovery Plan
4.2.3 Backups
Section 5 - Ship's Business Systems
5.1 Onboard Business Computers
5.1.1 USB Ports and Drives
5.1.2 USB Port Blockers
5.1.3 USB Cleaning Stations
5.1.4 Tablets
5.1.5 Personal Devices and USB Ports
5.2 Network Segregation On Board
5.2.1 Segregated Networks
5.2.2 Achieving a Segregated Network
5.2.3 Maintaining a Segregated Network
5.2.4 Benefits of Network Segregation
5.2.5 Vulnerable Systems On Board
5.3 Wireless Networks
5.3.1 Business WiFi
5.3.2 Crew WiFi
5.3.3 Guest Access
5.3.4 WiFi Network Security
5.3.5 Virtual Private Network (VPN)
5.4 Satellite Communications (Satcom) Equipment
5.4.1 Satcom Passwords
5.4.2 Satcom Visibility on the Public Internet
5.4.3 Satcom Software Updates
5.4.4 Physical Security of the SatelliteTerminal
5.4.5 Software Security of the Satellite System
5.5 Mobile (Cellular) Data Connections
5.6 Connecting to Shore WiFi in Port
5.6.1 Crew Connecting to WiFi Ashore
5.7 Passenger Ships
Section 6 - ОТ Systems
6.1 Understanding ОТ Systems
6.2 Engine Department Considerations
6.3 Cargo Management
6.4 ECDIS Security
6.4.1 Updates
6.4.2 Physical Security
6.4.3 ECDIS Recovery
6.4.4 Recognising Genuine NAVTEX Messages
6.5 GNSS Security
6.5.1 GNSS Input Data
6.6 Other Bridge Systems
6.6.1 VDR
6.6.2 AIS
Part Two – Shore Management Considerations
Section 7 - Key Considerations
7.1 Cooperation Between the Office Departments and their Suppliers
7.1.1 IT Department and Technical Department
7.1.2 Securing the Supply Chain
7.1.3 Cyber Security Working Group
7.2 Cooperation Between the Office and the Ship's Crew
7.2.1 Maritime Cyber Security Management
7.2.2 Cyber Security and the Safety Management System (SMS)
7.2.3 Cyber Security and the Ship Security Plan (SSP)
7.2.4 Onboard Resources According to Ship Type
7.3 Ship's Network Architecture
7.3.1 IDMZ
7.3.2 Data Diodes (Unidirectional Gateways)
Section 8 - ОТ Systems Management
8.1 ОТ Asset Management and Risk Assessment
8.1.1 Asset Management
8.1.2 Asset Risk Assessment
8.2 Securing ОТ Systems
8.3 Securing the Ethernet IP Network Used by ОТ Systems
8.3.1 Converter Security
8.4 Intrusion Detection Systems (IDS)
Section 9 - IT Systems Management
9.1 Remote Access
9.2 Vulnerability Scanning
9.3 Penetration (Pen) Testing
9.4 Endpoint Detection and Response (EDR)
9.5 Disaster Recovery from Backup
9.6 Uninterruptible Power Supply (UPS) for IT/OT Systems
Checklist
Checklist 1 - Cyber Security Familiarisation for New Crewmembers
Checklist 2 - Cyber Security Crew Training
Checklist 3 - Detecting a Cyber Incident
Checklist 4 - Responding to a Cyber Incident On Board
Checklist 5 - Onboard Business Computer
Checklist 6 - Network Segregation
Checklist 7 - Networks (Wireless and Wired)
Checklist 8 - Satellite Communications
Checklist 9 - ОТ Systems for Crew
Checklist 10 - ECDIS Cyber Security
Checklist 11 - Cyber Security Checks on the Navigation Bridge
Checklist 12 - Asset Management and Risk Assessment
Checklist 13 - ОТ Systems for IT Department
Checklist 14 - Remote Access
Anexes
Annex 1 - Cyber Security Assessment
Annex 2 - Creating a Cyber Security Plan
Annex 3 - Creating User Accounts
Annex 4 - Checking for Segregated Networks
Annex 5 - NMEA 0183
Annex 6 - Regional Regulatory Guidance
Annex 7 - Further Resources

Здесь Вы можете оставить свой отзыв

Чтобы оставить отзыв на товар Вам необходимо войти или зарегистрироваться