scholarly journals Tanker Industry is More Ready against Cyber Threats

2019 ◽  
Author(s):  
A Oruc ◽  
Fred Flinstone
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Critical Role ◽  
The Other ◽  
Maritime Industry ◽  
Assessment Report ◽  
Cyber Threats ◽  
The World ◽  
Autonomous Ship ◽  
Cyber Risk

Cyber security in the maritime industry became crucial due to both academic researches and incidents. There are academic studies that show vulnerabilities in various navigation equipments such as GPS, ECDIS, AIS and ARPA-Radar. Additionally, there are different cyber incidents around the world. Developments in technology, autonomous ship projects, academic studies and cyber incidents in the sector put in action IMO. As per ISM Code, all shipping companies are mandatory to add “Guidelines on Maritime Cyber Risk Management” manual to their SMS manuals until 1st January 2021. Both OCIMF and CDI failed to be indifferent to developments that are important for tanker operators as well as IMO. While OCIMF added cybersecurity-related questions to vetting programs called TMSA 3 and VIQ 7, CDI also added cybersecurity-related items in SIR 9.8.1 edition. On the other hand, RightShip provides significant vetting service for dry cargo ships. “Inspection and Assessment Report” is issued by RigthShip for dry cargo ships. Questions related with cybersecurity was added with Revision No: 11 dated on 11th May 2017 in “Inspection and Assessment Report”. In this study, cyber security related questions which are asked during TMSA, SIRE and CDI vettings which play a critical role for commercial life of tanker firms, were analyzed. Moreover, questions and efficiency of RightShip that offers vetting service for dry cargo ships, were assessed to maritime cyber security. Also, cybersecurity-related questions in vetting questionnaires were interpreted by the author. These comments rely on benchmarking meetings among tanker operators where the author personally attended, and interview with key persons. Noted observations during vettings may negatively impact both commercial life and reputation of the tanker operators. That’s why the firm names and interviewee names were kept confidential. In this study, it was seen that although IMO demanded verification of cyber security-related implementations for the ship operators until 1st January 2021, this process started earlier for tanker operators.

scholarly journals RISK MANAGEMENT IN THE FINANCIAL SECTOR OF UKRAINE IN THE CONTEXT OF CYBER THREATS AND POST-PANDEMIC ECONOMIC RECOVERY

2021 ◽  
pp. 19-27
Author(s):  
Nazar Demchyshak ◽  
Anastasiia Shkyria
Keyword(s):  
Risk Management ◽  
National Security ◽  
Cyber Security ◽  
Financial Sector ◽  
Cyber Attacks ◽  
Cyber Threats ◽  
The World ◽  
Cyber Threat ◽  
Security Index ◽  
Cyber Risk

Purpose. The aim of the article is substantiation of approaches of domestic and foreign scientists to risk management in the financial sector of Ukraine in the context of cyber threats and the need to ensure national security and post-pandemic economic recovery. Methodology of research. General scientific and special methods of scientific research are used in the article, in particular: induction, deduction, scientific abstraction - to reveal the essence of the concepts of "cyber threat", “cyber security" and "digitalization"; statistical and graphical methods - to assess the current situation in the field of cyber defence in the world and the national cyber security index; methods of analysis and synthesis - in substantiating the conclusions of the research. Finding. Definitions of cyber risk, approaches to its interpretation and classification were considered. The importance of cyber security in the digitalization of the national economy was argued. The Strategy of Ukrainian Financial Sector Development until 2025 is analysed. The world statistics of frequency and losses due to cyber-attacks are studied and the cyber threats that caused the greatest losses in Ukraine are identified. The analysis of Ukraine’s positions in the National Cyber Security Index 2020 is carried out. The directions of cyber threat prevention that can be useful for Ukrainian companies are substantiated. Originality. The author’s definition of the term "cyber risk" is proposed, in which special attention in focused on the effects of cyber threats. The importance of cyber risk management in the conditions of inevitability of digitalization in the financial sector of Ukraine is substantiated. Approaches to the prevention of cyber-attacks, the implementation of which is necessary for the successful digital transformation of Ukraine, are proposed. Practical value. The results of the research will contribute to the formation of an effective risk management system in the financial sector of Ukraine in terms of digitalization of the financial space and post-pandemic recovery of the national economy. Key words: national security, cyber risk, cyber threat, cyber defence, digitalization, post-pandemic recovery, fintech.

Cyber risk management in SMEs: insights from industry surveys

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Felicitas Hoppe ◽  
Nadine Gatzert ◽  
Petra Gruner
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Future Research ◽  
Management Process ◽  
Content Type ◽  
Security Culture ◽  
Current State ◽  
Enterprise Risk ◽  
Risk Management Process ◽  
Cyber Risk

PurposeThis article aims to gain insights on the current state of small- and medium-sized enterprises’ (SMEs’) cyber risk management process and to derive future research directions.Design/methodology/approachThis is done by collecting market insights from 37 recent industry surveys and structuring them based on the steps of the risk management process. From this analysis, major challenges are derived and future fields of research identified.FindingsThe results indicate that deficiencies in risk culture as well as the strained market for IT experts are the major obstacles with respect to the implementation of cyber risk management in SMEs, and that these challenges are similar across countries. The findings suggest that especially the relationship between cyber security culture and cyber risk management should be investigated further, and that a stronger link between the research streams on enterprise risk management and cyber risk management would be desirable.Originality/valueThis paper contributes to the literature by providing a systematic overview on the current state of SMEs' cyber risk management from a market perspective. The findings provide support for the existing academic literature by emphasizing the central role of cyber security culture (perception, knowledge, attitude) for a successful cyber risk management, which however should be addressed in more depth in future (empirical) research.

Scientific Intelligence, Decision Making, and Cyber-Security

2021 ◽  
pp. 1467-1489
Author(s):  
Luisa dall'Acqua
Keyword(s):  
Decision Making ◽  
Risk Management ◽  
Cognitive Science ◽  
Cyber Security ◽  
Scientific Intelligence ◽  
The Other ◽  
Intelligence Analysis ◽  
Computer Engineering ◽  
Strategic Choices ◽  
Technological Tools

Because of the huge amount of data and information in the decision-making and strategic choices processes, basing decisions on information directly collected from the sources is not conceivable. A decision-making analyst becomes a fundamental pillar in both the corporate field and the institutional world. This role is becoming increasingly complex and specialized, critical within the cycle of the intelligence analysis, for the relationships that bind it to the other stakeholders, and for the methodological and technological tools that support it. The purpose of this chapter is to explore the milestones of the intelligence analysis deriving from a close collaboration between social sciences, cognitive science, computer engineering, and ICT in order to respond to the different needs in the field of risk management, safety, investigations, and applied intelligence.

Cybersecurity as a global concern in need of global solutions: an overview of financial regulatory developments in 2015

2016 ◽  
Vol 17 (1) ◽  
pp. 101-111 ◽  
Author(s):  
V. Gerard Comizio ◽  
Behnam Dayanim ◽  
Laura Bain
Keyword(s):  
Financial Institutions ◽  
Cyber Security ◽  
Assessment Tool ◽  
The United States ◽  
Regulatory Compliance ◽  
The European Union ◽  
Content Type ◽  
Cyber Threats ◽  
Cyber Risk ◽  
Financial Regulatory

Purpose To provide financial institutions an overview of the developments in cybersecurity regulation of financial institutions during 2015 by the United States, the United Kingdom, and the European Union, as well as guidance for developing effective cyber-risk management programs in light of evolving cyber-threats and cyber-regulatory expectations. Design/methodology/approach Reviews US, UK and EU regulatory developments in the cybersecurity area and provides several best practice tips financial institutions should consider and implement to improve their cybersecurity compliance programs. Findings While cyber-threats and financial regulators’ expectations for cyber-security are constantly evolving, recent guidance and enforcement efforts by the US, UK and EU illustrate the need for financial institutions to develop effective cybersecurity programs that address current regulatory compliance requirements and prepare for emergency cyber responses. Practical implications Financial institutions should utilize the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool to assess their cyber-risk profile and cyber-preparedness. Originality/value Practical guidance from experienced financial regulatory and privacy lawyers that provides a survey of the current regulatory environment and recommendations for cyber-security compliance.

scholarly journals Corporate risk, intelligence and governance in the time of cyber threat

2014 ◽  
Vol 4 (1) ◽  
pp. 16-22 ◽  
Author(s):  
Christopher Bronk
Keyword(s):  
Cyber Security ◽  
General Concept ◽  
Digital Form ◽  
Economics Of Information ◽  
Policy Makers ◽  
Security Issues ◽  
Cyber Threats ◽  
Risk Intelligence ◽  
Corporate Risk ◽  
Cyber Risk

Cyber security is an issue of foremost interest for policy makers in the world’s governments, corporations, NGOs, academic institutions, and other associations, however remedy for the myriad cyber threats and vulnerabilities continues to elude technologists and policy makers alike. In this paper, we consider the concept of cyber risk intelligence, a general concept of understanding the varied phenomena that impact an organization’s capacity to secure its digital communications and resources from eavesdropping, theft or attack. We also consider the deeper economics of information held and transmitted in digital form and how those economics may alter thinking on modeling of risk. Finally, we offer guidance of how organizations and entire sectors of business activity may want to alter their thinking on cyber security issues beyond a technological framing to an informational one aligned with business activities.

Obtaining reasonable assurance on cyber resilience

2019 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Filip Caron
Keyword(s):  
Risk Management ◽  
Real World ◽  
Cyber Security ◽  
Design Methodology ◽  
Content Type ◽  
Security Controls ◽  
Conceptual Designs ◽  
Testing Techniques ◽  
Traditional Process ◽  
Cyber Risk

PurposeThe purpose of this paper is to highlight the potential of cyber-testing techniques in assessing the effectiveness of cyber-security controls and obtaining audit evidence.Design/methodology/approachThe paper starts with an identification of the applicable cyber-testing techniques and evaluates their applicability to generally accepted assurance schemes and cyber-security guidelines.FindingsCyber-testing techniques are providing insight in the effectiveness of the actual implementation of cyber-security controls, which may significantly deviate from the conceptual designs of these controls. Furthermore, cyber-testing techniques could provide concise input for cyber-risk management and improvement recommendations.Originality/valueThe presented cyber-testing techniques could complement traditional process-oriented assurance techniques with specialized technical analyses of real-world implementations that focus on the adversaries’ viewpoint.

scholarly journals Impact of Covid-19 on cyber Security

2022 ◽  
Author(s):  
Usman Akanbi
Keyword(s):  
Cyber Security ◽  
Large Scale ◽  
Cyber Threats ◽  
The World ◽  
The Common ◽  
New Form

The Covid-19 pandemic is an unforeseen occurrence that took the world by storm. Governments and businesses were unprepared, hence the large-scale impact it continuously has on the planet. It has permanently revolutionised how we live, work and interact with technology. With this new way of living, businesses and governments had to adapt to a new form of survival, and so did cybercriminals; there was a surge in cyber threats due to our newfound dependence on technology. This paper emphasises the common types of cyber threats and the targeted industries. These attacks were more successful because people were uneasy and desperate, which gave the criminals more incentive to attack businesses. To avoid being a cyber target, I have provided recommendations against future threats.

scholarly journals Statistical Indicators of Cybersecurity Development in the Context of Digital Transformation of Economy and Society

2021 ◽  
Vol 17 (3) ◽  
pp. 3-13
Author(s):  
Antonina Yerina ◽  
Ihor Honchar ◽  
Svitlana Zaiets
Keyword(s):  
Cyber Security ◽  
Communication Systems ◽  
Large Scale ◽  
Digital Transformation ◽  
Cyber Attacks ◽  
Cyber Threats ◽  
Level Of Economic Development ◽  
Information And Communication ◽  
High Level ◽  
Cyber Risk

Introduction. The scale and destructive consequences of the unlawful impact on cyberspace is a key problem of modern geopolitics, and cyber reliability is recognized as one of the most important security priorities by the subjects of international relations.Problem Statement. Monitoring of cyber incidents and anomalies in information and communication systems and prompt response to risks determined by cyber threats require the development of a system of indicators and criteria for cybersecurity assessment.Purpose. Summarize the international experience of assessing the cybersecurity, to position countries by their level of development in the global space, to identify strengths and weaknesses in cybersecurity management, and to ensure effective protection of cyberspace at the national level.Materials and Methods. Used the component indices of the international rankings characterizing the potential of the digital economy (ICT IDI, NRI, EGDI) and the participation of countries in the field of cybersecurity(GCI and NCSI).Results. It has been argued that cybersecurity ratings play the role of a kind of identifier of the relative advantages and vulnerabilities of the national cyber strategies, and indicate the need for their review in order tostrengthen protection against cyber-attacks and improve the cyber risk management system. In countries with a high level of economic development, which is largely based on the contribution of IT technologies to the national production, the cybersecurity potential is significantly higher, regardless of geolocation. The discovered correlation between GCI, information society development indices (IDI, NRI, EGDI) and GDPper capita confirms that the digital transformation of the economy and society acts as a key driver of economicdevelopment if the information- and cyber-security are assured only. The best practices are highlighted, andcritically weak segments of the national cybersecurity are identified.Conclusions. Using the NCSI indicators, the preparedness of Georgia and Ukraine to prevent the implementation of fundamental cyber threats and to manage cyber incidents and large-scale cyber crises is assessed.

Cyber-Security and Its Future Challenges

2021 ◽  
Vol 10 (1) ◽  
pp. 38-50
Author(s):  
Gagandeep SINGH ◽  
Vikrant SHARMA
Keyword(s):  
Cyber Security ◽  
Review Paper ◽  
The Other ◽  
The Internet ◽  
Cyber Threats ◽  
Other Hand ◽  
The Future ◽  
Future Challenges

This paper pertains to the existing challenges of cybersecurity, along with its threats in the future. On the other hand, the internet is expanding every day, and attackers see it as an opportunity to exploit people over the internet. In the future, this can lead to severe consequences in the coming time. This review paper reflects the challenges faced in cybersecurity and the terrible consequences of cyber threats in the future.

Data Breach, Privacy, and Cyber Insurance: How Insurance Companies Act as “Compliance Managers” for Businesses

2018 ◽  
Vol 43 (02) ◽  
pp. 417-440 ◽  
Author(s):  
Shauhin A. Talesh
Keyword(s):  
Risk Management ◽  
Cyber Security ◽  
Participant Observation ◽  
Legal Regulation ◽  
Insurance Companies ◽  
Organizational Sociology ◽  
Cyber Insurance ◽  
Privacy Laws ◽  
Cyber Risk ◽  
Management Services

While data theft and cyber risk are major threats facing organizations, existing research suggests that most organizations do not have sufficient protection to prevent data breaches, deal with notification responsibilities, and comply with privacy laws. This article explores how insurance companies play a critical, yet unrecognized, role in assisting organizations in complying with privacy laws and dealing with cyber theft. My analysis draws from and contributes to two literatures on organizational compliance: new institutional organizational sociology studies of how organizations respond to legal regulation and sociolegal insurance scholars' research on how institutions govern through risk. Through participant observation at conferences, interviews, and content analysis of insurer manuals and risk management services, my study highlights how insurers act as compliance managers for organizations dealing with cyber security threats. Well beyond pooling and transferring risk, insurance companies offer cyber insurance and unique risk management services that influence the ways organizations comply with privacy laws.

Sign in / Sign up

Export Citation Format

Share Document