ПИТАННЯ ВДОСКОНАЛЕННЯ КІБЕРБЕЗПЕКИ МОРСЬКОГО ТРАНСПОРТУ: ЗАРУБІЖНИЙ ДОСВІД

Abstract

An analysis of modern national publications shows that, although in Ukraine considerable attention is being payed to the general organization of maritime transport security, the due interest has not yet been shown to the new important area, such as the maritime transport cybersecurity. Therefore, the article touches upon the best practices in organizing the cybersecurity of marine ships. The assertion that the general danger of maritime transport has increased significantly in recent years is based on the facts of the introduction of information technology into the operational technologies of maritime transport. The bottom line is that information technology is closely linked to the Internet, and this is what, in the first place, makes the operational technologies of maritime transport open to deliberate external interference, which, according to experts, can provide external control of the vessel with the aim of capsizing, colliding or causing environment disaster. The general concern of the leading maritime states about the situation is confirmed by a number of documents, such as Resolution of the Maritime Security Committee MSC.428 (98), adopted on June 16, 2017 and requiring member states to take into account the management of cyber risks. The paper analyzes a typical approach to the development of an action plan for the organization of maritime cybersecurity on board a ship. The preliminary preparation steps are considered, ranging from updating passwords and software to training the team. It is indicated that today, all over the world, the direct development of such a plan is recommended to be carried out on the basis of the “The Guidelines on Cyber Security onboard Ships”, developed and supported by leading international organizations related to maritime transport operations. The plan created on the basis of this guide, in essence, is to manage cyber risks and boils down to the following: identifying internal and external threats, internal and external vulnerabilities; risk exposure assessment; development of measures to reduce these vulnerabilities; developing contingency plans; developing plans for recovery measures after cyber incidents. The general rise in the culture of personnel to a modern level is a necessary element of ensuring cybersecurity in maritime transport.