Factors Affecting Cyber Risk in Maritime
Published on Jun 3, 2019
· DOI :10.1109/CYBERSA.2019.8899382
To ensure the safety of ships and ports, groups and individuals, at all levels of the maritime sector, use analysis to identify potential hazards and their outcomes. One of the most relied upon methods is using a risk assessment tool to define and prioritise threats. A disadvantage of most existing assessment frameworks, however, is their inability to update risks dynamically as factors, such as the environment, change. In the maritime sector, a range of dynamic factors is needed to measure risks, but most conventional frameworks are unable to use them to revise and update their risk profiles. In addition to static and dynamic, maritime operational risks can be affected by elements classified as cyber, cyber-physical, or physical in nature. This demonstrates the relatively equal presence of information and operational technology (i.e. IT/OT) used, however most quantitative risk assessment frameworks are normally limited to one or the other. This article explores the full range of cyber-related risk factor types within maritime in order to evaluate applicable risk frameworks and suggest improvements that could help each of those tools assess maritime-cyber risks specifically.