现在有货
£ 275
Cyber risk management should be an inherent part of safety and security and should be considered at all levels of the company, including senior management ashore and onboard personnel.
This workbook provides practical guidance for ship (Part One - Onboard Practical Considerations) and shore (Part Two - Shore Management Considerations), 包括技术部门, IT departments and equipment manufacturers. It is aligned with IMO Resolution MSC.428(98) and will also be useful to the wider maritime industry.
The fifth edition has been produced and supported by BIMCO and 大发黄金版网页版登录 (ICS).
It contains updated information on current threats and includes new sections on topics such as cargo management and passenger ships. Detailed case studies have been added to illustrate cyber risks in a memorable fashion.
This book is sold by a 3rd party vendor clicking the visit site button will take you to their website
作者 | Witherbys, 大发黄金版网页版登录 and BIMCO |
出版商 | Marisec |
版 | 第五版 |
月出版 | 2023 - 12月 |
国际标准图书编号 | |
装船重量 | g |
前言 缩写/定义 致谢 第1节-简介 1.1 Cyber Security Risk Management - IMO Requirements and Guidelines 1.1.1 Supporting Regulatory Guidelines 1.1.2区域规管指引 1.2航运网络展望 1.本手册的目的 1.4检查清单 1.5 Designated Roles and Responsibilities Part One - Onboard Practical Considerations 第2节-识别风险 2.1脆弱的船舶系统 2.2 What is a Maritime Cyber Attack? 2.3的威胁 2.3.1网络攻击类型 2.3.2社会工程 Section 3 - Protection, Prevention and Training 3.1防止恶意软件攻击 3.2软件更新 3.2.1 Updating programs that are not part of the Operating System 3.3 Endpoint Protection/Security Suite 3.3.1 Endpoint Protection更新 3.3.2 Checking if the Endpoint Protection Suite is up to date 3.4个密码 3.4.1创建密码 3.4.2密码长度 3.4.3管理密码 3.4.4密码交接 3.4.5万能钥匙 3.4.6用户名 3.5网络安全与短信 3.5.1 Cyber Security and the Ship Security Plan (SSP) 3.6 Crew Considerations and Training 3.6.1船员培训的关键方面 3.6.2 Cyber Security Familiarisation for Crew 3.6.3非船员培训 3.6.4 .设计培训计划 3.6.5 Unintentional Cyber Breaches by the Crew 3.6.6 Planning a Crew Training Session 3.6.7网络安全演练 3.6.8社交媒体 3.6.在网络安全模式下旅行 3.7 Ship Inspections and Port State Control 3.7.1 .港口国监督检查 3.7.2其他检查 Section 4 - Detect, Respond and Recover: General Principles 4.1检测网络Events 4.1.1介绍 4.1.2 Useful Tools Available to Help Detect Possible Malware 4.2Events响应 4.2.1第三方支持 4.2.2网络恢复方案 4.2.3备份 Section 5 - Ship's Business Systems 5.1车载商务电脑 5.1.1 USB接口和驱动器 5.1.2 USB端口阻断器 5.1.3个USB清洗站 5.1.4片 5.1.5个人设备和USB接口 5.2机上网络隔离 5.2.1隔离网络 5.2.2实现隔离网络 5.2.3 Maintaining a Segregated Network 5.2.4网络隔离的好处 5.2.船上5个易受攻击的系统 5.3无线网络 5.3.1商务WiFi 5.3.2机组WiFi 5.3.3 Guest访问 5.3.4 WiFi网络安全 5.3.5 VPN 5.4 Satellite Communications (Satcom) Equipment 5.4.1卫星通信密码 5.4.2 Satcom Visibility on the Public Internet 5.4.3卫星通信软件更新 5.4.4 Physical Security of the Satellite Terminal 5.4.5 Software Security of the Satellite System 5.5 Mobile (Cellular) Data Connections 5.6 Connecting to Shore WiFi in Port 5.6.1船员在岸上连接WiFi 5.7客船 第6部分- OT系统 6.1了解OT系统 6.2 Engine Department Considerations 6.3货物管理 6.4 ECDIS安全 6.4.1更新 6.4.2物理安全 6.4.3 ECDIS恢复 6.4.4 Recognising Genuine NAVTEX Messages 6.5 GNSS安全 6.5.1 GNSS输入数据 6.6其他桥梁系统 6.6.1 VDR 6.6.2 AIS Part Two - Shore Management Considerations 第7节-关键考虑因素 7.1 Cooperation Between the Office Departments and their Suppliers 7.1.1 IT Department and Technical Department 7.1.2确保供应链安全 7.1.3 .网络安全工作组 7.2 Cooperation Between the Office and the Ship's Crew 7.2.1 Maritime Cyber Security Management 7.2.2 Cyber Security and the Safety Management System (SMS) 7.2.3 Cyber Security and the Ship Security Plan (SSP) 7.2.4 Onboard 资源 According to Ship Type 7.3船舶网络架构 7.3.1 IDMZ 7.3.2 Data Diodes (Unidirectional Gateways) Section 8 - OT Systems Management 8.1 OT Asset Management and Risk Assessment 8.1.1资产管理 8.1.2资产风险评估 8.2 OT系统安全 8.3 Securing the Ethernet IP Network Used by OT Systems 8.3.1转换器安全 8.4 Intrusion Detection Systems (IDS) 第9节IT系统管理 9.1远程接入 9.2漏洞扫描 9.3渗透(渗透)测试 9.4 Endpoint Detection and Response (EDR) 9.5备份容灾 9.6 Uninterruptible Power Supply (UPS) for IT/OT Systems 检查清单 Checklist 1 - Cyber Security Familiarisation for New Crew Members Checklist 2 - Cyber Security Crew Training Checklist 3 - Detecting a Cyber Incident Checklist 4 - Responding to a Cyber Incident On Board Checklist 5 - Onboard Business Computer Checklist 6 - Network Segregation Checklist 7 - Networks (Wireless and Wired) Checklist 8 - Satellite Communications Checklist 9 - OT Systems for Crew Checklist 10 - ECDIS Cyber Security Checklist 11 - Cyber Security Checks on the Navigation Bridge Checklist 12 - Asset Management and Risk Assessment Checklist 13 - OT Systems for IT Department 检查表14 -远程访问 附件 Annex 1 - Cyber Security Assessment Annex 2 - Creating a Cyber Security Plan 附件3 -创建用户帐户 Annex 4 - Checking for Segregated Networks 附件5 - NMEA 0183 Annex 6 - Regional Regulatory Guidance 附件7 -进一步资源 |