CSP002_S_G: Communication in Cyber Incident Response

This module provides a comprehensive understanding of the critical role of communication in cyber incident response within high-stakes environments, especially in sectors requiring rapid, coordinated action like maritime operations and cybersecurity defense. Students will explore how human factors, shared situational awareness (SA), and mental models impact decision-making and coordination in cyber defense scenarios. The module addresses the development of effective communication strategies, the unique challenges posed by complex cyber-physical environments, and the integration of human insights into incident response. Practical sessions on situational reports (SITREPS), structured team communication, and crisis communication are included to equip students with tools for enhancing resilience in cyber operations.

Learning Outcomes
By the end of this module, students will be able to:

  • Understand the Role of Communication in Cybersecurity: Explain the importance of communication for effective decision-making and coordination during cyber incidents.
  • Identify and Apply Communication Strategies: Utilize structured communication methods and situational awareness to enhance team performance and response effectiveness.
  • Analyze Situational Awareness and Shared Mental Models: Recognize and implement situational awareness principles and shared mental modeling to improve incident response outcomes.
  • Design and Evaluate Crisis Communication Plans: Develop crisis communication strategies that enhance resilience, trust, and efficiency within cyber incident response teams.

CSP002_SS_W_Social Engineering in cybersecurity

This module, Human Factors in Cybersecurity, delves into the role of human behavior, psychological principles, and decision-making vulnerabilities as pivotal elements in cybersecurity. Students will explore various forms of social engineering and its techniques, analyzing how attackers exploit human psychology to bypass technological defenses. Through real-world case studies and practical examples, the module covers risks, impacts, and countermeasures for social engineering in critical sectors such as energy, maritime, and healthcare. Students will gain insight into the manipulation techniques used in phishing, deepfakes, and dark patterns, equipping them with strategies to recognize, evaluate, and respond to social engineering threats.

Learning Outcomes
By the end of this module, students will be able to:

  • Understand the Role of Human Factors in Cybersecurity: Describe the importance of human behavior and psychology in the context of cybersecurity vulnerabilities.
  • Identify and Analyze Cybersecurity Risks: Recognize specific cybersecurity risks and vulnerabilities stemming from human factors, with a focus on social engineering tactics.
  • Comprehend Social Engineering Processes: Understand how social engineering exploits are conducted and their psychological underpinnings.
  • Assess Personal and Organizational Vulnerabilities: Identify one’s own and an organization's susceptibility to social engineering attacks, implementing mitigation strategies to reduce these risks.

CSP002_S_E: Human Aspect of Energy Cybersecurity

This course navigates through the human aspects of energy sector cybersecurity, examining the psychological, social, and organizational influences on security practices and decisions in an energy context. Attendees will uncover insights into human vulnerabilities that cyber attackers target in energy operations and acquire methods to cultivate a cybersecurity-aware culture within energy organizations. It further highlights the vital importance of communication and collaboration at strategic, operational, and tactical levels specific to the energy sector. Participants will investigate how proficient communication between energy domains and effective decision-making can strengthen cybersecurity measures in energy operations.
Upon successful completion of this module, the learner will be expected to be able to:
Knowledge:
•    Gain an understanding of the psychological, social, and organizational elements that shape cybersecurity actions within the energy sector.
•    Understand the critical role of communication and teamwork in bolstering energy sector cybersecurity across different segments.
•    Learn how decision-making frameworks are applied at strategic, operational, and tactical levels within energy sector cybersecurity.
•    Recognize the profiles and strategies of adversaries targeting energy infrastructure.
•    Evaluate human-related threats and vulnerabilities in energy contexts.
•    Understand how to implement cybersecurity trainings in energy operations.
Skills:
•    Use effective communication plans tailored to energy sector cybersecurity needs.
•    Detect and counteract human-centric threats and vulnerabilities in energy operations.
•    Engage with interdisciplinary teams to address the human dimensions of cybersecurity in energy settings.
•    Examine real-world energy sector cybersecurity breaches to identify human errors and lapses in communication.
•    Classify adversaries targeting energy interests and scrutinize their tactics.
•    Design and evaluate cybersecurity training programs tailored for the energy sector.
Competencies:
•    Lead discussions pertinent to cybersecurity in the energy sector at various levels of decision-making.
•    Cultivate an environment of transparent communication and teamwork focused on cybersecurity within the energy sector.
•    Understand the needs of training within the context of energy sector cybersecurity.
•    Identify human-centric threats and vulnerabilities in maritime operations.

CSP002_W_E: Human Aspect of Cybersecurity in Energy Sector

This course delves into the human aspects of cybersecurity within the energy sector, exploring the psychological, social, and organizational influences on security practices and decisions in an energy context. Participants will gain insights into human vulnerabilities that cyber attackers exploit in energy infrastructure and develop methods to foster a cybersecurity-aware culture within energy organizations. It also emphasizes the critical importance of communication and collaboration at strategic, operational, and tactical levels tailored to the energy sector. Attendees will explore how effective communication among energy stakeholders and sound decision-making can enhance cybersecurity measures in energy operations.

Upon successful completion of this module, the learner will be expected to be able to: 
Knowledge:
•    Gain an understanding of the psychological, social, and organizational elements that shape cybersecurity actions within the energy domain.
•    Understand the crucial role of communication and teamwork in strengthening cybersecurity across different segments of the energy sector.
•    Learn how decision-making frameworks are applied at strategic, operational, and tactical levels within energy cybersecurity.
•    Recognize the profiles and strategies of adversaries targeting energy infrastructure.
•    Evaluate human-related threats and vulnerabilities in energy contexts.
Competencies:
•    Understand the discussions relevant to energy sector cybersecurity at various levels of decision-making.
•    Foster an environment of transparent communication and teamwork focused on energy cybersecurity.
•    Reflect on cybersecurity decision-making with an awareness of how human factors play a role in the energy sector.
•    Identify human-centric threats and vulnerabilities in energy operations.

CSP002_SS_M Human Centric and Secure Maritime Ecosystems

This course introduces numerous concepts, policy frameworks, and company procedures, as well as best practices, guidelines, and risk management approaches, vis a vis affected digital (OT and IT) systems of shipping companies. The module will enable tomorrow’s junior maritime professionals, shipping managers, and maritime information systems specialists to safeguard fleets, vessel systems, and shipping business information systems ashore. The module aims at raising awareness and fostering hard and soft skill development for maritime employees on cybersecurity best practices to foster a security-conscious business culture.

Upon  successful completion of this module the learner  will be expected to be able to:
Knowledge:
•    Understand the cybersecurity threats, vulnerabilities, and risks to a shipping company.
•    Gain an understanding of ship operations as well commercial operations and systems, ashore, that shipping companies need to protect.
•    Understand the critical vessel systems i.e. bridge systems, navigation, ship networks that entail cybersecurity actions.
•    Gain an understanding of the fundamentals of risk management for maritime cybersecurity.
•    Recognize the profiles and strategies of adversaries targeting maritime operations.
•    Human factor and social engineering aspects
•    Emergent aspects: autonomous ships vis a vis cybersecurity, trustworthy-AI for vessel and shipping company level activities.
Skills:
•    Recognize threats and vulnerabilities in maritime operations.
•    Understand the essential concepts and approaches to identify threats and vulnerabilities, assess risk exposure, develop protection and detection measures, establish response plans, respond to and recover from cybersecurity incidents.
•    Engage with interdisciplinary teams to design and implement cybersecurity plans in maritime settings.
•    Examine real-world maritime cybersecurity incidents to pinpoint risk management and incident management approaches.
Competencies:
•    Actively participate in maritime cybersecurity-oriented teams and projects, at various levels of decision-making.
•    Endorse and cultivate an environment of process-oriented communication and teamwork focused on maritime cybersecurity.
•    Frame and communicate the shipping management and supply chain management requirements and repercussions. instigated by cybersecurity realities.

CSP002_W_M: Human Aspects of Maritime Cybersecurity

This course navigates through the human aspects of maritime cybersecurity, examining the psychological, social, and organizational influences on security practices and decisions in a maritime context. Attendees will uncover insights into human vulnerabilities that cyber attackers target in maritime operations and acquire methods to cultivate a cybersecurity-aware culture within maritime organizations. It further highlights the vital importance of communication and collaboration at strategic, operational, and tactical levels specific to the maritime sector. Participants will investigate how proficient communication between maritime domains and effective decision-making can strengthen cybersecurity measures in maritime operations.

Upon  successful completion of this module the learner  will be expected to be able to:
Knowledge:
•    Gain an understanding of the psychological, social, and organizational elements that shape cybersecurity actions within the maritime domain.
•    Understand the critical role of communication and teamwork in bolstering maritime cybersecurity across different sectors.
•    How decision-making frameworks are used at strategic, operational, and tactical levels within maritime cybersecurity.
•    Recognize the profiles and strategies of adversaries targeting maritime operations.
•    Evaluate human-related threats and vulnerabilities in maritime contexts.
•    How to implement cybersecurity trainings in maritime operations
Skills:
•    Use effective communication plans tailored to maritime cybersecurity needs.
•    Detect and counteract human-centric threats and vulnerabilities in maritime operations.
•    Engage with interdisciplinary teams to tackle the human dimensions of cybersecurity in maritime settings.
•    Examine real-world maritime cybersecurity breaches to pinpoint human errors and lapses in communication.
•    Classify adversaries targeting maritime interests and scrutinize their tactics. 
•    Design and evaluate cybersecurity trainings tailored for maritime domains.
Competencies:
•    Lead the discussions pertinent to maritime cybersecurity at various levels of decision-making.
•    Cultivate an environment of transparent communication and teamwork focused on maritime cybersecurity.
•    Understand the needs of training within cybersecurity

CSP002_S_M Human Factors in Maritime Cybersecurity

This course navigates through the human aspects of maritime cybersecurity, examining the psychological, social, and organizational influences on security practices and decisions in a maritime context. Attendees will uncover insights into human vulnerabilities that cyber attackers target in maritime operations and acquire methods to cultivate a cybersecurity-aware culture within maritime organizations. It further highlights the vital importance of communication and collaboration at strategic, operational, and tactical levels specific to the maritime sector. Participants will investigate how proficient communication between maritime domains and effective decision-making can strengthen cybersecurity measures in maritime operations.

Upon  successful completion of this module the learner  will be expected to be able to:
Knowledge:
•    Gain an understanding of the psychological, social, and organizational elements that shape cybersecurity actions within the maritime domain.
•    Understand the critical role of communication and teamwork in bolstering maritime cybersecurity across different sectors.
•    How decision-making frameworks are used at strategic, operational, and tactical levels within maritime cybersecurity.
•    Recognize the profiles and strategies of adversaries targeting maritime operations.
•    Evaluate human-related threats and vulnerabilities in maritime contexts.
Competencies:
•    Understand the discussions pertinent to maritime cybersecurity at various levels of decision-making.
•    Cultivate an environment of transparent communication and teamwork focused on maritime cybersecurity.
•    Reflect on cybersecurity decision-making with the understanding of how human factors are related in the maritime arena.
•    Identify human-centric threats and vulnerabilities in maritime operations.