A Study on Cyber Risk Management Measures due to the Increase in Cyber Attacks in the Shipping Industry

Purpose. The aim of the article is substantiation of approaches of domestic and foreign scientists to risk management in the financial sector of Ukraine in the context of cyber threats and the need to ensure national security and post-pandemic economic recovery. Methodology of research. General scientific and special methods of scientific research are used in the article, in particular: induction, deduction, scientific abstraction - to reveal the essence of the concepts of "cyber threat", “cyber security" and "digitalization"; statistical and graphical methods - to assess the current situation in the field of cyber defence in the world and the national cyber security index; methods of analysis and synthesis - in substantiating the conclusions of the research. Finding. Definitions of cyber risk, approaches to its interpretation and classification were considered. The importance of cyber security in the digitalization of the national economy was argued. The Strategy of Ukrainian Financial Sector Development until 2025 is analysed. The world statistics of frequency and losses due to cyber-attacks are studied and the cyber threats that caused the greatest losses in Ukraine are identified. The analysis of Ukraine’s positions in the National Cyber Security Index 2020 is carried out. The directions of cyber threat prevention that can be useful for Ukrainian companies are substantiated. Originality. The author’s definition of the term "cyber risk" is proposed, in which special attention in focused on the effects of cyber threats. The importance of cyber risk management in the conditions of inevitability of digitalization in the financial sector of Ukraine is substantiated. Approaches to the prevention of cyber-attacks, the implementation of which is necessary for the successful digital transformation of Ukraine, are proposed. Practical value. The results of the research will contribute to the formation of an effective risk management system in the financial sector of Ukraine in terms of digitalization of the financial space and post-pandemic recovery of the national economy. Key words: national security, cyber risk, cyber threat, cyber defence, digitalization, post-pandemic recovery, fintech.

Download Full-text

Motivation-based Attacker Modelling for Cyber Risk Management: A Quantitative Content: Analysis and a Natural Experiment

Journal of Information Security and Cybercrimes Research ◽

10.26735/nmmd9869 ◽

2021 ◽

Vol 4 (2) ◽

pp. 30-43

Author(s):

Florian-Klaus Kaiser ◽

Marcus Wiens ◽

Frank Schultmann

Keyword(s):

Risk Management ◽

Content Analysis ◽

Natural Experiment ◽

Cyber Attacks ◽

Quantitative Content Analysis ◽

Risk Modelling ◽

Quantitative Content ◽

Heavy Burden ◽

Multi Method Approach ◽

Cyber Risk

Cyber-attacks have a tremendous impact on worldwide economic performance. Hence, it is vitally important to implement effective risk management for different cyber-attacks, which calls for profound attacker models. However, cyber risk modelling based on attacker models seems to be restricted to overly simplified models. This hinders the understanding of cyber risks and represents a heavy burden for efficient cyber risk management. This work aims to forward scientific research in this field by employing a multi-method approach based on a quantitative content analysis of scientific literature and a natural experiment. Our work gives evidence for the oversimplified modelling of attacker motivational patterns. The quantitative content analysis gives evidence for a broad and established misunderstanding of attackers as being illicitly malicious. The results of the natural experiment substantiate the findings of the content analysis. We thereby contribute to the improvement of attacker modelling, which can be considered a necessary prerequisite for effective cyber risk management.

Download Full-text

Commercial Maritime and Cyber Risk Management

Safety & Defense ◽

10.37105/sd.42 ◽

2019 ◽

Vol 5 (1) ◽

pp. 46-48

Author(s):

Akash RANA

Keyword(s):

Risk Management ◽

Best Practices ◽

Cyber Security ◽

Cyber Attacks ◽

Signal Interference ◽

Cyber Crime ◽

British Government ◽

Code Of Practice ◽

Starting Point ◽

Cyber Risk

The starting point of the paper is the recognition of the growing threat of cyber-attacks to commercial maritime. Constantly growing dependency on technology has obvious advantages, on the other hand, however, it makes commercial maritime vessels progressively more vulnerable to cyber-crime, including GPS signal interference, malware attacks or even gaining control over ships’ systems and networks. The main objective of the paper is to present and discuss the Guidelines on Cyber Security Onboard Ships developed by the International Maritime Organization, including best practices for implementation of cyber risk management. The article’s goal is to summarize the guidelines and to familiarize the reader with the reasons why and the methods how they should be implemented. The paper is concluded with an example how the Guidelines can be adopted by national authorities, i.e., a brief presentation of “Code of Practice: Cyber Security for Ships” – a document developed by the British government that transposes the IMO guidelines.

Download Full-text

METHODS FOR THE IDENTIFICATION OF CYBER RISKS: AN ANALYSIS BASED ON PATENT DATA

CBU International Conference Proceedings ◽

10.12955/cbup.v6.1163 ◽

2018 ◽

Vol 6 ◽

pp. 241-246

Author(s):

Lyubov Klapkiv ◽

Yurij Klapkiv

Keyword(s):

Risk Management ◽

Data Processing ◽

Industrial Revolution ◽

Wide Spectrum ◽

Risk Identification ◽

Cyber Attacks ◽

Digital Data ◽

Digital Information ◽

Economic Significance ◽

Cyber Risk

The problem of fast-rising cyber-risks become very important in the era of the Fourth Industrial Revolution. Cyber-risks cause not only high losses but also break the chain of economic relations between companies and their customers. Besides, cyber risks change their form and structure rapidly, so the tools of risk management must be adequate. That is why the problem of cyber-risk identification and assessment has gotten attention and become so actual. The purpose of this study is to outline new approaches to identifying and estimating cyber-risks based on the dates of the World International Property Organization (WIPO). In order to conduct our study, we will use various tools and techniques such as: citation analysis, cluster analysis, and visualization. We have analyzed the patent information from the groups of “Electric digital data processing”, “Transmission of digital information” and data processing systems or methods, specially adapted for financial purposes. In our findings, we analyze the technical and economic significance of patents.Our work has led us to conclude that the number of methods of cyber risk identification that were the objects of applications granted by WIPO has a strong connection with the number of cyber-attacks from 2010 to 2017. That is why the innovative methods that were granted have a wide spectrum of influence and could be used in different stages of risk management. We selected patents that based on cyber risk identification and assessment from the data of WIPO and divided these patents into clusters. This helps us in understanding the trends and characters of innovative activities directed to successful management of cyber risks.

Download Full-text

Cyber-risk management: identification, prevention, and mitigation techniques

10.31219/osf.io/skxec ◽

2021 ◽

Author(s):

Naveen Kunnathuvalappil Hariharan

Keyword(s):

Risk Management ◽

Cyber Security ◽

Critical Infrastructure ◽

Identity Theft ◽

Cyber Attacks ◽

Cyber Terrorism ◽

Mitigation Techniques ◽

Cyber Risk ◽

Careful Management

Cyber-attacks on critical infrastructure, as well as the possibility of cyber-terrorism and even cyberwarfare, pose a threat to societies on a larger scale. Stakeholders are vulnerable to information theft,service disruptions, privacy and identity theft, fraud, espionage and sabotage. This article provides abrief overview of risk management, with a particular emphasis on cyber security and cyber-riskassessment. This article provides an overview of risk management, with a particular emphasis oncyber security detection, prevention, and mitigation techniques. We showed how organizations couldmitigate their cyber risk with careful management.

Download Full-text

Managing Cyber Security Risks of the Cyber-Enabled Ship

Journal of Marine Science and Engineering ◽

10.3390/jmse8100768 ◽

2020 ◽

Vol 8 (10) ◽

pp. 768

Author(s):

Georgios Kavallieratos ◽

Sokratis Katsikas

Keyword(s):

Cyber Security ◽

Cyber Physical Systems ◽

Transformation Process ◽

Cyber Attacks ◽

Security Requirements ◽

Shipping Industry ◽

Security Risks ◽

Industrial Control Systems ◽

Physical Systems ◽

Cyber Risk

One aspect of the digital transformation process in the shipping industry, a process often referred to as Shipping 4.0, is the increased digitization of on board systems that goes along with increased automation in and autonomy of the vessel. This is happening by integrating Information Technology with Operation Technology systems that results in Cyber Physical Systems on which the safe operations and sailing of contemporary and future vessels depend. Unavoidably, such highly interconnected and interdependent systems increase the exposure of the vessel’s digital infrastructure to cyber attacks and cyber security risks. In this paper, we leverage the STRIDE and DREAD methodologies to qualitatively and quantitatively assess the cyber risk of Cyber Physical Systems on board digitalized contemporary and future ships. Further, we propose appropriate cyber security baseline controls to mitigate such risks, by applying a systematic approach using a set of criteria that take into account the security requirements; the cyber risks; the possible attacks; and the possibly already existing controls, to select from the list of controls provided in the Industrial Control Systems (ICS) overlay of the NIST Guide to ICS Security. The results are expected to support the decision-making and the design of a security architecture for the cyber-enabled ship.

Download Full-text

Cyber Risk. The New Enemy for Risk Management in the Age of Globalisation

MANAGEMENT CONTROL ◽

10.3280/maco2018-su2007 ◽

2018 ◽

pp. 135-155 ◽

Cited By ~ 2

Author(s):

Chiara Crovini ◽

Giovanni Ossola ◽

Pier Luigi Marchini

Keyword(s):

Risk Management ◽

Cyber Risk

Download Full-text

Defining the Workforce and Training Array for the Cyber Risk Management and Cyber Resilience Methodology of an Army

Proceedings of the 19th European Conference on Cyber Warfare ◽

10.34190/ews.20.114 ◽

2020 ◽

Keyword(s):

Risk Management ◽

Cyber Risk ◽

And Training

Download Full-text

Risk Management for Bonds with Embedded Options

Mathematics ◽

10.3390/math8050790 ◽

2020 ◽

Vol 8 (5) ◽

pp. 790

Author(s):

Antonio Díaz ◽

Marta Tolentino

Keyword(s):

Risk Management ◽

Interest Rate ◽

Interest Rates ◽

Interest Rate Risk ◽

Interest Rate Models ◽

Management Measures ◽

Interest Rate Risk Management ◽

Embedded Options ◽

The Interest Rate ◽

Interest Rate Change

This paper examines the behavior of the interest rate risk management measures for bonds with embedded options and studies factors it depends on. The contingent option exercise implies that both the pricing and the risk management of bonds requires modelling future interest rates. We use the Ho and Lee (HL) and Black, Derman, and Toy (BDT) consistent interest rate models. In addition, specific interest rate measures that consider the contingent cash-flow structure of these coupon-bearing bonds must be computed. In our empirical analysis, we obtained evidence that effective duration and effective convexity depend primarily on the level of the forward interest rate and volatility. In addition, the higher the interest rate change and the lower the volatility, the greater the differences in pricing of these bonds when using the HL or BDT models.

Download Full-text

Design of a dynamic and self-adapting system, supported with artificial intelligence, machine learning and real-time intelligence for predictive cyber risk analytics in extreme environments – cyber risk in the colonisation of Mars

Safety in Extreme Environments ◽

10.1007/s42797-021-00025-1 ◽

2021 ◽

Author(s):

Petar Radanliev ◽

David De Roure ◽

Kevin Page ◽

Max Van Kleek ◽

Omar Santos ◽

...

Keyword(s):

Artificial Intelligence ◽

Machine Learning ◽

Real Time ◽

Cyber Security ◽

Extreme Environments ◽

Learning Technologies ◽

Cyber Attacks ◽

Edge Computing ◽

Mathematical Formulas ◽

Cyber Risk

AbstractMultiple governmental agencies and private organisations have made commitments for the colonisation of Mars. Such colonisation requires complex systems and infrastructure that could be very costly to repair or replace in cases of cyber-attacks. This paper surveys deep learning algorithms, IoT cyber security and risk models, and established mathematical formulas to identify the best approach for developing a dynamic and self-adapting system for predictive cyber risk analytics supported with Artificial Intelligence and Machine Learning and real-time intelligence in edge computing. The paper presents a new mathematical approach for integrating concepts for cognition engine design, edge computing and Artificial Intelligence and Machine Learning to automate anomaly detection. This engine instigates a step change by applying Artificial Intelligence and Machine Learning embedded at the edge of IoT networks, to deliver safe and functional real-time intelligence for predictive cyber risk analytics. This will enhance capacities for risk analytics and assists in the creation of a comprehensive and systematic understanding of the opportunities and threats that arise when edge computing nodes are deployed, and when Artificial Intelligence and Machine Learning technologies are migrated to the periphery of the internet and into local IoT networks.

Download Full-text