The Critical Infrastructure Security for Maritime MODULE aims at describing the maritime environment and specificities. A focus is done on the Maritime Systems and specificities as well as on international regulation. Common vulnerabilities of systems and applications are detailed.
Risk analysis, security plans, policies and processes, regulatory framework and security standards continuity and recovery measures are presented.
This module has been developed by C2B consulting a French SME specialized in maritime security and located in Toulon in the south of France.
------
This work has been funded by the European Union. Views and opinions expressed are however those of the authors only and do not necessarily reflect those of the European Union or Health and Digital Executive Agency (H A D E A).
Neither the European Union nor the granting authority can be held responsible for them. Under Project Agreement no. 101083594
The CSP module 008, as part of the Cybsersecpro education and training project is designed to provide trainees and professionals with the knowledge and skills needed to apprehend evolving cyber threats in the maritime domain. Specifically designed for the maritime sector, this module goes beyond generic cybersecurity training to address the unique challenges of risks and vulnerabilities faced by the maritime administrations and operators. This training is part of EU Innovation Project namely "CyberSecPro". The aim to develop a large variety of materials that can be used by educators and trainers in cybersecurity. CyberSecPro’s ambition is to enhance the role of the Higher Education Institutes (HEIs) in offering hands-on and working-life skills for driving a trustworthy digital transformation in critical sectors of the economy.
The module is aiming at addressing the specific needs of :
- Managers and Leaders operating in operational positions of critical infrastructure and or Operators of essential services
- Working-life professionals all over the maritime digitalized domain
- SMEs and Public Sector Employees
The module takes place twice a year during the Autumn period and Winter. It can take place in Toulon on demand, at the NMIOTC NATO Training Centre in Greece in Autumn and in December and January at the University du Littoral de Côte d ‘Opale in Dunkirk (France). It represents a theoretical course as part of a global maritime cybersecurity mix of course and workshops including on-hands training as part of some specific areas (AIS and SCADA training) and for dedicated training audiences.
- The course takes into account National specificities for critical infrastructure but also the ones regulating the EU NIS directive for Operators of essential services
- It aims at presenting the Importance of data (EU Classified Information, Sensitive data, ….) in a EU framework
At least it will assess existing risks and present specific mitigation as Cryptography or even insurances which are an important pillar of risks in the maritime domain.
----
This module designed for maritime stakeholders aims at identifying risks for critical infrastructure to improve their resilience. The module addresses maritime critical infrastructure and operators of essential services as identified in the NIS directive - it represents a baseline of cybersecurity risk management in the maritime domain and it aims at equipping participants with the knowledge and skills necessary to manage cyber security risks.
----
The training outcomes can be resumed as following :
- To demonstrate ethical and professional conduct in all aspects of information and cybersecurity management.
- To understand and articulate the key concepts and principles of information and cybersecurity.
- To apprehend the evolving cyber threat landscape and the diverse range of cyberattacks.
- To Identify the cybersecurity threats, vulnerabilities, and risks to an organisation.
- To recognise the human factor's role in cybersecurity breaches and risk mitigation strategies.
- To help and select appropriate security controls to protect against identified cybersecurity threats and risks.
- Teacher: Bruno BENDER
The Cybersecurity Essential and Management training module provides trainees with the knowledge of basic concepts and skills necessary to manage the security of information assets in an organisation. The module covers a wide range of topics as provided under the “Main topics and content list.” The module is designed to be more practical and hands-on and allows participants to gain experience in applying the concepts they learn through a variety of exercises and activities.
- Teacher: Nuno Pedrosa
Introduction to Cybersecurity. Foundational Knowledge of Cybersecurity Taxonomy. Cybersecurity Body of Knowledge. Importance of Cybersecurity. Common Cyber Threats and Types of Cyber Attacks. Understand Hackers Mindset. Cybersecurit Best Practices: CIA, Risk Management, Security Policies & Procedures, Security Awareness Programmes, Incident Response. Cryptography-encryption and decryption and identity and access management. Secure Communication Protocols. Network Security Fundamentals and Endpoint Security. Advanced topics: Cloud, Mobile, IoT security, Application Security, AI and IAM. Security Complienace Standards. Conclusion and next
- Teacher: Dimitrios Kallergis
- Teacher: Dimitris Koutras
- Teacher: Paulinus Ofem
- Teacher: Paresh Rathod
CyberSecPro Training Module on Cybersecurity Essentials and Management for the Business. This workshop will equip you with the fundamental knowledge and best practices to safeguard your online business operations against evolving cyber threats.
Through this introduction, we will set the stage for the crucial role of cybersecurity in the dynamic and rapidly expanding world of e-commerce. Prepare to explore the key principles, standards, and strategies that will empower you to build a robust cybersecurity posture and protect your customers, data, and digital assets.
A collective list of knowledge, skills and competences as below:
o Understand core cybersecurity concepts and threats.
o Apply best practices for securing businesses (access control, networks, data).
o Participate in incident response and business continuity planning.
o Manage vulnerabilities, patches, and security logs.
o Implement security measures for cloud, mobile, and IoT.
o Analyze risks and develop cybersecurity policies.
o Communicate effectively about cybersecurity.
o Manage cybersecurity budgets and resources.
- Teacher: Paresh Rathod
logo programming course.png|
This training module introduces students to the foundational concepts of programming while integrating essential principles of cybersecurity. The topics covered include: Fundamental Syntax and Building Blocks of Programming Languages Students will learn the core syntax and foundational structures of Python, including variables, data types, loops, conditionals, and functions. Planning, Implementation, and Testing of Small-Scale Programs Emphasis will be placed on designing, developing, and testing programs with secure coding practices to minimize vulnerabilities. Identifying and Reporting Vulnerabilities Participants will get an opportunity to analyze small-scale software programs to identify common vulnerabilities and learn how to document and report these issues effectively. |
- Teacher: Katja Henttonen