cyber threats and cybersecurity - enisa’s advice and support for … · 2020-01-16 · cyber...
TRANSCRIPT
![Page 1: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/1.jpg)
Dr. Athanasios DrougkasExpert in Network and Information SecurityENISA – The EU Agency for Cybersecurity
Workshop on Cybersecurity in Inland Navigation05 09 2019
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 2: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/2.jpg)
2
POSITIONING ENISA’S ACTIVITIES
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 3: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/3.jpg)
3
THE MARITIME SECTOR IS UNDER ATTACK!
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 4: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/4.jpg)
4
…AND VULNERABLE
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 5: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/5.jpg)
5
MARITIME ASSETS – ATTACK SURFACE
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
Positioning systems
Electronic Chart Display and Information System (ECDIS)
Engine Control and monitoring systems
Global Maritime Distress and Safety System (GMDSS)
Automatic Identification System (AIS)
Maritime ICS SCADA
![Page 6: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/6.jpg)
6
MARITIME CYBER THREAT LANDSCAPE
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 7: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/7.jpg)
7
• Cybersecurity gaining more attention but still relatively low
awareness and focus on maritime cyber security
• Emerging standards/guidelines from IMO, industry etc.
• Complexity of the maritime ICT environment including SCADA
and emerging IoT usage
• Fragmented maritime governance context
• No holistic approach to maritime cyber risks and diversity
between different actors in maritime
• Overall lack of direct economic incentives to implement good
cyber security in maritime sector
CYBER SECURITY IN THE MARITIME SECTOR – SITUATIONAL ANALYSIS
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 8: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/8.jpg)
8
• Guidelines on maritime cyber risk management (IMO)
• Maritime cyber risk management in safety management systems
(IMO)
• The Tanker Management and Self Assessment - TMSA (OCIMF)
• The Guidelines on Cyber Security Onboard Ships (BIMCO, CLIA,
ICS, INTERCARGO, INTERTANKO, OCIMF and IUMI)
• The European Union Maritime Security Strategy (EUMSS)
• Cyber Security Awareness (AMMITEC)
• Recommendations on cyber safety for ships (IACS)
OTHER MARITIME REGULATIONS, GUIDELINES AND STANDARDS
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 9: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/9.jpg)
9
RELEVANT ENISA REPORTS
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 10: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/10.jpg)
10
2019 Study: Port Cybersecurity
• Port CISOs/CIOs
• Good practices / Recommendations
• Validation workshop – November 26th
NIS Directive Transposition
• National Approaches
• OES identification, Security Measures, Incident
Reporting
Other Activities
• Collaboration with DG MOVE and EMSA
• Stakeholder Engagement (MARSEC, SAGMAS,
Associations, Industry etc.)
• Raise awareness via workshops and meetings
ENISA’S ON-GOING WORK IN MARITIME
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 11: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/11.jpg)
11
PORT CYBERSECURITY WORKSHOP
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
https://www.enisa.europa.eu/events/enisa-maritime-cybersecurity-workshop
![Page 12: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/12.jpg)
12
TRANSSEC – MARITIME WORK STREAM
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 13: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/13.jpg)
13
BUILDING CYBERSECURITY SKILLS
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
Cyber Exercises Cybersecurity Training
Cyber Security Education NIS School
![Page 14: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/14.jpg)
14
OTHER ENISA REPORTS / ACTIVITIES
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
• ISACs good
practices
• Support for
existing sectorial
ISACs
• Annual report
with horizontal
and sectorial
threats
• Available as
online tool
• Risk Management for SMEs
• Business Continuity for SMEs
• Self Assessed Risk Management (SARM)
![Page 15: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/15.jpg)
15
THE NETWORK AND INFORMATION SECURITY DIRECTIVE
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
![Page 16: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/16.jpg)
16
THE EU CYBERSECURITY CERTIFICATION FRAMEWORK
Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport
SCCG ECCG
Union Rolling Work Programme
Ad Hoc Working
Group
Candidate
EU Cybersecurity
Certification Scheme
EU Cybersecurity
Certification Scheme
EU
Cybersecurity
Certificate
Conformity Assessment
Bodies
EU Member States
Supervise & Accredit
1 2
3
41: Identification of strategic priorities
2: Preparation of a Candidate Scheme
3: Adoption through an Implementing Act
4: Certification against this scheme and issue
of an EU Cybersecurity Certificate
![Page 17: Cyber Threats and Cybersecurity - ENISA’s advice and support for … · 2020-01-16 · Cyber Threats and Cybersecurity - ENISA’s advice and support for waterborne transport •ISACs](https://reader033.vdocument.in/reader033/viewer/2022042912/5f46bba1e89d5e08c6716e18/html5/thumbnails/17.jpg)
THANK YOU FOR YOUR ATTENTION
Vasilissis Sofias Str 1, Maroussi 151 24
Attiki, Greece
+30 28 14 40 9711
www.enisa.europe.eu