Cyber security is a relatively new focus area in the shipping environment. With the increase of systems which are software intensive and connected to onshore systems and third parties, the exposure to cyber threats has increased. At the same time, the increasing sophistication of cyber-attacks is adding to the threats that Information Technology security organizations have to deal with.
A high-level self-assessment is an initial step in a company’s cyber security enhancement programme, when senior management quickly needs an overview of its cyber risk picture and wants to gain a structured indication of where more focused assessments are required. This approach is based on best judgement, reducing the effort required and leading to a first indication of the risk picture.
The Cyber Security Self-Assessment features background information on cyber security and offers various selection options for business processes and systems to be followed from a holistic questionnaire estimating the likelihood of a cyberattack. For each process or system, the risk with respect to loss, leak, availability and manipulation of data can be assessed by the user. The risk of cyberattacks is composed from the likelihood of an attack and the potential consequences.