Interrelation Between Cyber Security Threats and the International Safety Management Codes
Students Name
Institution Affiliation
Tutor
Course
Date
Interrelation Between Cyber Security Threats and the International Safety Management Codes
Modern ships are increasingly relying on systems that are heavily reliant on integration, automation, and digitization, which makes cyber threat management in these ships increasingly difficult. This is due to significant advancements in technology in recent years. Modern ships can now network together both operational technology and information technology, allowing them to connect to the internet as a result of technological advancements. With the use of information technology and digital operations on ships, there is a risk of malicious attacks or unauthorized access to the ship’s networks and systems, which must be addressed. In addition, individuals on board the ship may pose a threat by gaining access to the ship’s systems and subsequently installing malicious software on the system through the use of removable media. In order to combat the threats posed by digitalization on ships, cyber security and ISM collaborate to achieve the same goal of providing safe management operations. The cyber security threat and the ISM are interconnected in a variety of ways depending on how they operate.
For starters, there is a connection between the cyber security threat and the international safety management code in that they both specify who is authorized to perform specific roles on board the ship. A shipping company can identify key personnel who will be responsible for specific responsibilities and roles in the area of cyber threat management (Ani & Tiwari, 2019). When a disruption occurs in the operation of the ship, the defined personnel are capable of recognizing and identifying assets, systems, capabilities, and data that may pose a threat or risk to the ship’s operation. The ISM codes allow for the proper screening of passengers prior to their embarkation on board the ship. Individuals who are in possession of items that pose a risk or a threat to the ship’s management operation are not permitted to board the vessel. In the ship, proper identification of personnel to perform specific roles and responsibilities in relation to risk management results in a smooth operation of management operations on board.
Two other connections exist between cyber security threats and information system management: they both generate and carry out activities that are critical for detecting cyber threats in a timely manner. The management of a shipping company always includes a specific technology to allow for the logging in and real-time correlation of information. The technology enables management to identify suspicious network activity and take appropriate action. On the other hand, log-in technology will allow the ship’s management to keep track of every passenger onboard and reduce the likelihood of unauthorized access to the ship. In order to identify insider threats, the shipping company’s management must pay close attention to the online and in-person activities of authorized employees. Employers who are proactive in observing their employees’ behavior may be able to identify a potential mischievous insider before he or she can disrupt ship operations or exfiltrate the company’s information and data. The early detection of a cyber threat reduces the likelihood of the ship’s operations being disrupted.
Furthermore, both cyber security and international safety management are in place to ensure that the ship’s operations are protected. The implementation of risk control measures and processes helps to keep the shipping company’s operations safe. Furthermore, contingency planning can help to ensure that the ship’s operations are not jeopardized. It protects the systems of the ship against any cyber-event (Størkersen, Antonsen, & Kongsvik, 2017). Through proper supervision of the workers, suspicious behavior among the employees can be identified early on, which helps to reduce the risks posed to the systems. It also ensures that every passenger on board is properly monitored, which reduces the likelihood of malicious malware being introduced into the system by the passengers. Additionally, ISM codes ensure that the shipping company uses environmentally friendly chemicals, which helps to reduce environmental pollution (Strkersen et al. 2017). In order to ensure that shipping data and information are kept safe, the ship must be protected against any malicious behavior. The smooth operation of the ship is ensured when the ship’s systems are properly protected.
Besides, both cyber security and ISM respond to any threat in a timely and proper manner after its occurrence, whether it is an operational threat or information technology threat. The management creates and executes plans and activities that offer pliability and restores system essential for the operations of the ship or impaired services due to cyber-event (Størkersen, 2018). The management identifies and recognizes measures that restore and backs-up the cyber threat system affected by the cyber threat and is important for the shipping activities. The pack up plan is more effective when implemented before the system has not been affected but can be done even after malfunctioning of the system. The back-up plan and activity should ensure that the system resumes operation as quickly as possible to ensure the continuity of the shipping operations. Absence of a back-up plan may result in permanent damage of the system resulting to use a huge amount of finance to be repaired or replaced (Størkersen, 2018). Proper recovery plan ensures proper operation of the ship and in turn may reduce injuries and deaths that may be associated with cyber-crime. Managers of the shipping company may develop recovery and back-up plans by observing and comparing the previous and current attacks when those activities last occurred.
Finally, both international safety management employees and the person offering cyber security are well and properly trained to identify any threat to either the ship’s operation or the environment. It has been identified that the weakest connection concerning cyber threat is errors caused by human factor (Ahmad, Desouza, Maynard, Naseer, & Baskerville, 2020). Management of the shipping company has the main responsibility of operating both the operation and information technology systems. They are also required to protect the passengers on board. Therefore, training the operators to timely and properly identify and respond to risks is an important element in improving cyber security. The operators are also trained on how to identify suspicious behaviour among themselves and in their passengers. It is supported that the weakest link when it comes to cyber security is still the human factor. Onboard personnel have a key role in operating the IT and OT systems onboard, as well as protecting them (Batalden & Sydnes, 2014). The workers must be aware of network security. The training makes them able to identify and recognize a cyber threat. The external threats may occur due to lack of knowledge or awareness by an employee. Therefore, proper and comprehensive training of important to ensure the workers are fully equipped with the knowledge concerning cyber security.
In conclusion, there is an improvement and enhancement of technology in the modern world. Every company is employing modern and digital devices in their daily work to increase efficiency and to reduce labour cost. Shipping companies are not left behind. They use systems that depend on integrations and automatically work to perform a particular function. Cyber threats have also increased due to improved technology. Due to that, both the person offering cyber security and the workers of the International Safety Management should jointly work together to achieve their main objective of protecting both the shipping operations and environmental pollution. In Many ways, ISM and the cyber security threat are interrelated, and they have a common goal.
References
Ahmad, A., Desouza, K. C., Maynard, S. B., Naseer, H., & Baskerville, R. L. (2020). How integration of cyber security management and incident response enables organizational learning. Journal of the Association for Information Science and Technology, 71(8), 939-953.
Batalden, B. M., & Sydnes, A. K. (2014). Maritime safety and the ISM code: a study of investigated casualties and incidents. WMU Journal of Maritime Affairs, 13(1), 3-25.
Ani, U. D., He, H., & Tiwari, A. (2019). Human factor security: evaluating the cybersecurity capacity of the industrial workforce. Journal of Systems and Information Technology.
Størkersen, K. V., Antonsen, S., & Kongsvik, T. (2017). One size fits all? Safety management regulation of ship accidents and personal injuries. Journal of Risk Research, 20(9), 1154-1172.
Størkersen, K. V. (2018). Bureaucracy overload calling for audit implosion: A sociological study of how the International Safety Management Code affects Norwegian coastal transport.
