CSP003_S_M: Cybersecurity Risk Management and Governance for Maritime

The Critical Infrastructure Security for Maritime MODULE aims at describing the maritime environment and specificities. A focus is done on the Maritime Systems and specificities as well as on international regulation. Common vulnerabilities of systems and applications are detailed.

Risk analysis, security plans, policies and processes, regulatory framework and security standards continuity and recovery measures are presented.

This module has been developed by C2B consulting a French SME specialized in maritime security and located in Toulon in the south of France.

------

This work has been funded by the European Union. Views and opinions expressed are however those of the authors only and do not necessarily reflect those of the European Union or Health and Digital Executive Agency (H A D E A).

Neither the European Union nor the granting authority can be held responsible for them. Under Project Agreement no. 101083594 

The CSP module 003, as part of the Cybsersecpro education and training project is designed to provide trainees and professionals with the knowledge and skills needed to apprehend evolving cyber threats in the maritime domain. Specifically designed for the maritime sector, this module goes beyond generic cybersecurity training to address the unique challenges of risks and vulnerabilities faced by the maritime administrations and operators. This training is part of EU Innovation Project namely "CyberSecPro". The aim to develop a large variety of materials that can be used by educators and trainers in cybersecurity. CyberSecPro’s ambition is to enhance the role of the Higher Education Institutes (HEIs) in offering hands-on and working-life skills for driving a trustworthy digital transformation in critical sectors of the economy. 

The CSP03 module is aiming at address the specific needs of :

• Managers and Leaders operating in operational positions of critical infrastructure and or Operators of essential services
• Working-life professionals all over the maritime digitalized domain
• SMEs and Public Sector Employees 

    It addresses cybersecurity of Critical Infrastructure, Operator of essential services as well as generic risk encountered by Maritime stakeholders

-   The course takes into account National specificities for critical infrastructure but also the ones regulating the EU NIS directive for Operators of essential services

-        It aims at presenting the Importance of data (EU Classified Information, Sensitive data, ….) in a EU framework

At least it will assess existing risks and present specific mitigation as Cryptography or even insurances which are an important pillar of risks in the maritime domain.

----

This module designed for maritime stakeholders aims at identifying risks for critical infrastructure to improve their resilience. The module addresses maritime critical infrastructure and operators of essential services as identified in the NIS directive - it represents a baseline of cybersecurity risk management in the maritime domain and it aims at equipping participants with the knowledge and skills necessary to manage cyber security risks.

----