Choose Location

26-09-2019 (Singapore)

P52292 Maritime Cyber Security Seminar
Download Brochure Request

Register your interest

Comments

Register your interest

Comments

Maritime Cyber Security Seminar

26 – 27 September 2019 | Mandarin Orchard Hotel, Singapore

Book Now Download Brochure

SPECIAL 1 + 1 OFFER. REGISTER 2 DELEGATES AT THE PRICE OF ONE.

overview

Key Learning Outcomes

  • The principles and emerging trends in maritime cybersecurity, including analytics, critical infrastructure, key threats and risk assessment
  • Adopt risk-based cyber best practices: Planning, fieldwork execution, reporting
  • Understand the attack methodologies and life cycle in network, application and cryptography attacks
  • Cyber Threat Landscape – Latest trends and vulnerability identification
  • Technologies, connectivity and cyber risk assessment – ship board and terminal systems
  • Protection measures on-board vessels and at ports/terminals
  • Find out how to analyse and respond in the event of a cyber threat – incident preparation and detection best practices
  • Developing a pragmatic cyber risk framework
  • Training guidelines for crew, agents, service providers and on-shore parties
  • Cyber risk response and business continuity
  • Discuss options available for cyber security technologies and cyber liability, insurance

Unique Feature and Highlights

  • Practical, real life examples and sample checklists on critical areas of concern in cyber security
  • Hands-on exercises including how to exploit vulnerabilities and defend against them on vessels
  • Demos, videos, quizzes to reinforce participants’ understanding of key cybersecurity principles
  • Case Study – Large shipping company infected with the malware that cost them $300m to remediate
  • Case Study – Has your vessel been compromised? How to investigate the vessel has not been compromised
  • Demo: Live hacking of vessel
  • Demo: VSAT and GPS System hack

Who Should Attend

This programme will benefit both IT and non-IT professionals from shipowners & managers, charterers, classification societies, port & terminal operators, and marine service providers:

  • Personnel responsible for IT Governance, IT Risk Audit and Information Security
  • Network Security
  •  e-Crime / Business Crime
  • Disaster Recovery
  • Business Continuity
  • Innovation
  • Fleet Directors, Ship Captains / Masters
  • Risk Professionals
  • Ship & Port Agents

pricing

Packages Price
2 Day TrainingSGD $3495SGD $3295Early BirdEarly Bird

Early Bird Rate: Register and Pay on or before 2 August 2019

Special 1 + 1 offer. Register 2 delegates at the price of one.
For Group Registrations, email register@ibcasia.com.sg or call +65 6508 2401
First come first served and subject to organisers’ final review to accept/reject registration.

 

  • Special Group Discount pricing is applicable to groups of 2 or more delegates from the same organisation registering for the same event, at the same time.
  • Fee stated is the discounted price PER DELEGATE. Only one discount applies – either the early bird rate OR the Special Group Discount.
  • All fees stated include luncheons, refreshments and complete set of documentation. It does not include the cost of accommodation and travel.
  • A 7% Goods & Services Tax (GST) is applicable to all Singapore based companies for Singapore venue.

trainer

Manish Chawda Maritime Cyber Security Seminar

Manish Chawda

Partner in Pragma Singapore

Agenda

CYBERSECURITY IN THE MARITIME INDUSTRY

  • Introduction to cybersecurity and key principles
  • Systems and connectivity in the marine supply chain
  • Financial, Legal and operational implications
  • IMO Safety Management Systems (ISM CODE 2021)
  • Digital trends in maritime industry

CYBER THREAT LANDSCAPE – LATEST TRENDS AND VULNERABILITY IDENTIFICATION

  • Key threats, threat actors and motivations
  • Cyber underground
  • Supply chain risks
  • Assess risk exposure (Ship perspectives) and impacts
  • Assess on-shore risk exposure (ports sector) and impacts

EXERCISE: TECHNOLOGIES, CONNECTIVITY AND CYBER RISK ASSESSMENT – SHIP BOARD AND TERMINAL SYSTEMS ATTACK METHODOLOGIES – OVERVIEW

  • Attack lifecycle – Learning the steps of launching a cyber-attack that breach vessels
  • Attack lifecycle – how attacks are launched?
    • Fundamentals behind attack methodologies Network attacks (Man in the middle, Ping of Death, DDoS), Wireless
    • Cryptography
    • Phishing
    • Social engineering, malicious software, trojans, viruses, ransomware
    • Rootkit, application vulnerabilities, SQL injection
    • Cross-site scripting (XSS), Cross-site request forgery (CSRF)
  • Frameworks of attack tools (Kali Linux, Metasploit, etc)
  • Threats posed by unauthorised access to vessel systems
  • Threats to interconnected vessels and autonomous infrastructure

PROTECTION MEASURES ON-BOARD VESSELS

  • BIMCO Guidelines on cyber security onboard ships
  • Crew training guidelines, crew requirements and operations in the event of cyber attacks
  • Electronic communication guidelines across ships, ports and authorities ashore
  • Cybersecurity quality for agents
  • Updating real-time information into owner’s vessel management system
  • Cyber risk management process with service providers in supplier agreements

EXERCISE: PROTECTION MEASURES FOR KEY OPERATIONAL TECHNOLOGY

  • Navigation Systems
  • Vessel Tracking Systems
  • Terminal Management Systems

FLEET CYBER SECURITY MEASURES – CASE STUDY

  • Fleet vulnerability management
  • Fleet-wide standard cyber security strategy
  • Potential new vulnerabilities
  • Risk assessment documentation
  • Fleet-wide remote scanning capability

PROTECTION MEASURES AT PORT / TERMINAL

  • Port automation and cybersecurity risks
  • Operational systems and data networks
  • Resilience exercises

PENETRATION TESTING (PT) CASE STUDIES

  • How PT can be used as a tool to improve enterprise security
  • What to expect from PT and best practices in adoption
  • PT strategies, categories and when to use
  • Fingerprinting, user harvesting, access control, privilege elevation

DEVELOPING A PRAGMATIC CYBER RISK FRAMEWORK

  • How companies manage cyber risks: Risk scenarios, application, mitigation measures
    • Cyber risk detection Identifying crown jewels and third-party relationships
    • Establishing threat awareness and ability to detect patterns
    • Applying cyber intelligence to identify and manage risks
    • How to proactively assess cyber risk?
  • Cyber risk prevention Planning and implementing “Secure by Design”
    • Securing risk-sensitive assets – Controls to mitigate known and emerging threats
    • How to assess and manage cyber risk and compliance?
    • Key security considerations: Design, requirements, strategy
  • Effective Cybersecurity audit approach
    • Risk-based audit methodology – best practices (planning, fieldwork, reporting, on-going activities)
  • Effective Cybersecurity audit approach and latest tools

EFFECTIVE CYBERSECURITY AUDIT APPROACH AND CYBER SECURITY RISK MANAGEMENT CASE STUDIES

  • Latest tools for cyber security risk management
  • Ship to shore systems
  • Jamming of navigation systems case study
  • Remote access control security
  • Maritime SATCOMS Cyber security

EXERCISE: CONTINGENCY PLANNING DEVELOPMENT

  • Disabled/manipulated electronic navigational equipment
  • Disabled/manipulated electronic industial control systems and other critical systems
  • What to do with unconfirmed data threat?
  • Handle ransomeware incidents
  • Operational contingencies

INCIDENT ANALYSIS INVESTIGATING CYBER INCIDENTS

  • Incident exercises and preparation
  • Incident detection and analyses
  • Containment, eradication and recovery

CYBER RISK RESPONSE AND BUSINESS CONTINUITY

  • Prepare, plan, exercise, simulate, wargame
  • Building and maintaining a response plan
  • How to react quickly to cyber-attacks and reduce the impact?
  • Cleaning up, business continuity and disaster recovery planning
  • PR Intervention and Legal assistance

CYBERSECURITY INSURANCE

  • Liability, Charterparties, Claims and P&I
  • Standard protection packages – an overview
  • Key insuring clauses (privacy, network security, media, cyber extortion, data asset loss, business interruption loss, recovery costs, incident response expenses, regulatory penalties etc)

when & where

26 - 27 Sep 2019

Mandarin Orchard Singapore, by Meritus
333 Orchard Road, Singapore 238867
Tel: +65 6831 6062 | Fax: +65 6737 3130
Mobile No.: +65 8298 9442
Contact Person: Tan Ai Li
Email: aili.tan@meritushotels.com
Website: www.meritushotels.com

On-site & in-house training

Deliver this course how you want, where you want, when you want – and save up to 40%! 8+ employees seeking training on the same topic?

Talk to us about an on-site/in-house & customised solution.

STAY UPDATED ON OUR NEWS & EVENTS

IBC Asia is Singapore's leading event organiser. We conceive, develop and promote our own B2B industry conferences and corporate training courses, and offer tailored managed event solutions.

Find out more