The maritime industry must raise awareness of what's at risk by not preventing cyber attacks. Here is some general advice:
Checklist at individual level on board:
Install security updates as soon as they come and automatically as much as possible.
Do not assign administrator rights to end users.
Do not allow the use of weak passwords. Introduce, where possible, that users document their identity through multi-stage security and approval procedures (multi-factor authentication).
Phase out older ICT products.
Do not allow anything other than software that has been approved by the company or unit supplier.
Checklist at system level on board and ashore:
Introduce a system for authentication and authorization for users of necessary information.
Introduce protection of all data at the appropriate level, based on the sensitivity of the information.
Introduce controlled access for IT users on board and ashore, so that each individual only has access and rights to the information for which they are authorized.
Introduce controlled communication between ship and shore, with safety in focus.
Introduce a response plan for cyber incidents based on thorough risk assessments.
Source: www.maritime-executive.com
Bình luận