Certificate

Whom the course is for

The course ISM Code and Cyber Risk Management is aimed at anyone interested in understanding how an effective cyber security risk management should be. This may include Top Management of Shipping Companies, Ship Managers, Technical Superintendents, Ship Masters, Officers and Seafarers; Offshore Units Operators and Technical Staff, Shipyards Technical Staff; Surveyors; P&I and/or Insurance Inspectors; etc.

Objectives

On completion of the training, students will be able to:

• Know what cyber security is, the main threats and their consequences.
• Understand how to consider the cyber risks in the Safety Management System and how the ISM Code translated into cyber security.
• Know the 12 cybersecurity commandments that will help implementing an efficient cyber risk management system.

Course Contents

---

Introduction

• Consider cyber security as a business decision
• What is cyber security exactly about?

Shipping industry is a cyber target

• Five reasons why you could be the next victim…
• Four strategies to face cyber risks

Cyber risk in Safety Management Systems

• The NIST Framework

Cyber security and ISM Code

• Operational Technology (OT) and Information Technology (IT)
• Risk analysis
• Cyber security training
  • Training again… Procedures must be known and implemented
  • Crew training and awareness
• Incident response procedures
• Roles, rules and responsibilities
• Cyber security policy
  • What should the cyber security policy include?

Cyber security threats: Know your enemies!

Phishing (social engineering)

Malware

• How to detect malware?

Ransomware (also known as Cryptolocker)

• How to avoid ransomware?
• In the case of ransomware

Spoofing

Identity theft

12 cyber security commandments