Maritime Cyber Security Training (MACSET)

Course Description

The ISM Code, supported by the IMO Resolution MSC.428(98), requires ship owners and managers to assess cyber risk and implement relevant measures across all functions of their safety management system, until the first Document of Compliance after 1 January 2021.

Course Content

Module 1: Cybersecurity, Threats, Actors and Motives

• Terminology

• Analyse threats.

• Actors motivation

• Case study

Module 2: Cybersecurity in the Maritime Industry

• Cybersecurity hazards on ships

• Cybersecurity hazards on shore

• Threat actor motivation in the Maritime world

• Case study

Module 3: IT Systems and 3rd Party Vulnerabilities

• IT shipboard systems

• 3rd party (vendors, insurers, clients, ship brokers) vulnerabilities

• Case study

Module 4: Maritime Cyber Risk Assessment and Mitigation Measures

• The importance of risk assessment on cyber attacks

• Risk assessment and management tools (KPIs)

• Types (APT, no-targeted) and stages of cyber-attacks against the shipping industry

• Case study

Module 5: Regulatory Framework, Best Practises and Basic Cyber-Hygiene

• Existing regulatory framework

• The human factor in cybersecurity

• Shipboard operations safety briefing

• Tools and policy measures to achieve effective and sustainable cyber-hygiene on board and ashore.

• Actions and reporting procedures in case of a cybersecurity breach.

Module 6: Cybersecurity and Safety Management System (SMS)

• Development of a comprehensive shipboard cybersecurity plan (CSP)

• Review of the CSP

• Monitoring and auditing the CSP

• Role of a cybersecurity officer (CySO)

• Functions of a Security Operations Centre (SOC)

• Cyber Incident Investigation and Emergency Response mechanisms