Master in Maritime Cyber-Security

The module will examine: IP Addressing, Network Layer/Internet Protocols, Address Resolution, IP Routing, Transport Layer, TCP/UDP, Upper layer Protocols, Name Resolution, NAT/PAT, well known Protocols and Ports.

This module will examine:

• Development of a comprehensive shorebased cybersecurity plan
• Development of a shipboard cybersecurity plan
• Development of a port facility cybersecurity plan
• Role of a cybersecurity officer (CySO)
• Functions of a Cyber Security Operations Centre (SOC)
• The human factor in cybersecurity
• Shipboard operations and communications with third-parties
• Tools and policy measures to achieve effective and sustainable cyber practices on board and ashore
• Actions and reporting procedures in case of a cybersecurity breach
• Cyber Incident Investigation and Emergency Response mechanisms
• Integration within SMS of cyber risk management in accordance with the objectives and functional requirements of the (International Safety Management) ISM Code
• Practical examples of established plans

Participants will understand, explore and develop practical techniques across:

• Introduction to audit theory / performance
• Integration of security policy and procedures in a company internal audit programme
• Risk assessment principles and application to cyber securit
• Cyber risks emergency response plans drills and exercises
• Promotion of cybersecurity awareness and embedding a culture of cyber risk management
• Monitoring of a holistic and flexible cyber risk governance regime

•  Evaluation of actual protection and detection measures in place
• Discussion related to implementation of (innovative) alternative measures
• Losses and impacts arising from security incidents
• Recovery and Business Continuity from cyber security incidents
• Management Reviews and evaluations of Cybersecurity systems, measures, preparedness, and performance
• Practical cases/examples

The module will examine: Common Operating Systems, BSD Linux and Unix, Windows Server and Desktop OS, File systems, System Tasks and cron jobs, Services and daemons, Permissions, Administrative and built-in accounts, Malware Fundamentals, Virtualization Mechanisms.

Participants will understand, explore, and develop techniques across:

• The maritime cyber environment
• Socio – Technical fundamentals of Cybersecurity
• Relevance of Human Factors within the Cyber Domain
• The Cyber Protect Chain
• Data Security
• Operating in an ever-changing Cyber environment
• Business Continuity Planning
• Leadership responsibilities in the cyber domain
• Core Cyber Protect Frameworks
• Risk and Issue Management
• Vulnerability Identification and evaluation
• ‘Real World’ Cybersecurity protect activity

This module covers the following areas: Threat Intelligence Fundamentals, Attack Surface Management, Secure Access Service Edge, Zero-Trust Networks, Zero Day threat Protection, Incident Response and Crisis Management, Security Requirement Engineering, Development, security, and operations (DevSecOps) and Site Reliability Engineering (SRE).

Participants will understand and explore the following:

• The current UN international regulatory framework within IMO instruments
• Regional requirements applicable under USCG, EU etc.
• Best Practices: a ship’s compliance against the relevant best practice guides, with emphasis on Tanker Management Self-Assessment (TMSA3-13).
• Other best practice guides, including BIMCO, CLIA, INTERCARGO/Rightship and the ISO 27001 and ISO27032 standards
• Analysis and correlation of the above regulatory and best practice requirements

The module starts with the definition and main aspects of the digitalisation mega-trend within Commercial Shipping Management and the necessity of assessing both the shorebased and shipboard ICT systems used by shipping companies.

Particular focus is provided on the Operational Technologies used on board ships, their interactions and interfaces as well as with third parties (terminals, agents, suppliers, regulators, insurers, clients, brokers, etc).

Emphasis is placed upon the practical applications of autonomous systems and increasing use of smart technology for ship operations.

Furthermore, students will analyse the safety and security vulnerabilities and potential consequences related to ICT and OT employed by shipping companies.
Finally, the module will incorporate practical case studies of actual security breaches discuss the importance of performance monitoring and management applied in shipping via a balanced scorecard approach of Safety-Efficiency-Financial Performance.

The module exposes students to contemporary perspectives in academic research, and in particular focuses on developing a range of skills affecting the identification and formulation of project titles. Special focus is placed on the critical review of available literature and information resources, the use of online databases and other sources.

Emphasis is given to the methods used in scientific research, reviewing a range of
statistical and non-statistical methods of analyses appropriate for projects in terms of both qualitative and quantitative research. Finally, students will become aware of any research issues associated with conducting research.