APPROACH TO DEVELOPING A MARITIME CYBERSECURITY VIRTUAL TRAINING ENVIRONMENT
DOI:
https://doi.org/10.17770/etr2024vol2.8039Keywords:
cybersecurity, virtual training environment, cyber hygiene, training scenarios, computer virtualizationAbstract
The maritime industry is increasingly reliant on digital systems for navigation, communication, cargo management, and other critical functions. As these systems become more interconnected and technologically advanced, they also become vulnerable to cyber threats. A virtual training environment allows maritime personnel to simulate cyber attacks and practice responding to them, enhancing their preparedness and resilience against real-world cyber threats. Cyber attacks targeting maritime assets can have severe consequences, including disruptions to operations, financial losses, environmental damage, and even threats to human safety. By providing virtual training environments, maritime organizations can identify and mitigate cybersecurity risks before they escalate into actual incidents, thereby safeguarding their assets and operations.
Regulatory bodies, such as the International Maritime Organization (IMO) and various national maritime authorities, have established guidelines and regulations aimed at enhancing cybersecurity in the maritime sector. Developing a virtual training environment enables maritime organizations to ensure compliance with these regulations by training personnel on cybersecurity best practices and regulatory requirements. Conducting hands-on cybersecurity training in a real-world maritime environment can be logistically challenging and costly. A virtual training environment offers a cost-effective alternative by allowing personnel to engage in realistic cybersecurity scenarios without the need for physical equipment or resources.
This paper presents an approach to developing a maritime cybersecurity virtual training environment utilizing open-source software.
Downloads
References
P-L Sanchez-Gonzalez, D. Díaz-Gutiérrez, T.J. Leo, and L.R. Núñez-Rivas, “Toward Digitalization of Maritime Transport?”, Sensors, Vol. 19, Iss. 4, 2019. https://doi.org/10.3390/s19040926
C-H Chang, S. Wenming, Z. Wei, P. Changki, and Ch. Kontovas, Evaluating cybersecurity risks in the maritime industry: a literature review. In: Proceedings of the International Association of Maritime Universities (IAMU) Conference, October 29 – November 01, 2019, Tokyo, Japan.
International Maritime Organization, The International Ship and Port Facility (ISPS) Code, July 1, 2004.
International Maritime Organization, International Safety Management Code, July 1, 1998.
M. Canepa, F. Ballini, D. Dalaklis, and S. Vakili, Assessing the effectiveness of cybersecurity training and raising awareness within the maritime domain, 15th International Technology, Education and Development Conference, March 8-9, 2021, INTED2021 Proceedings, pp. 3489-3499. https://doi.org/10.21125/inted.2021.0726
G. Potamos, A. Peratikou, and S. Stavrou, Towards a Maritime Cyber Range training environment, IEEE International Conference on Cyber Security and Resilience (CSR), Rhodes, Greece, 2021, pp. 180-185. https://doi.org/10.1109/CSR51186.2021.9527904
C. Willems and C. Meinel, Online assessment for hands-on cyber security training in a virtual lab, Proceedings of the 2012 IEEE Global Engineering Education Conference (EDUCON), Marrakech, Morocco, 2012, pp. 1-10. https://doi.org/10.1109/EDUCON.2012.6201149
C. J. Bonk, Online training in an online world. Bloomington, IN: CourseShare.com, 2002.
Ge Jin, Manghui Tu, Tae-Hoon Kim, J. Heffron, and J. White, Game based Cybersecurity Training for High School Students, SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science Education, February 2018, pp. 68-73. https://doi.org/10.1145/3159450.3159591
T. van Steen and J. R.A. Deeleman, “Successful Gamification of Cybersecurity Training”, Cyberpsychology, Behavior, and Social Networking, 24:9, pp. 593-598, 2021. https://doi.org/10.1089/cyber.2020.0526
V. Krinickij and L. Bukauskas, “Challenges in Cybersecurity Group Interoperability Training”, In: Stephanidis, C., Antona, M., Ntoa, S., Salvendy, G. (eds) HCI International 2023 Posters. HCII 2023. Communications in Computer and Information Science, vol 1834. Springer, Cham. 2023. https://doi.org/10.1007/978-3-031-35998-9_38
M. Domínguez, D. Pérez, A. Morán, S. Alonso, M. A. Prada, and J. J. Fuertes, Remote training in cybersecurity for industrial control systems, 13th IFAC Symposium on Advances in Control Education ACE 2022: July 24 – 27, 2022, Hamburg, Germany. Vol. 55, Iss. 17, pp. 320-325, 2022. https://doi.org/10.1016/j.ifacol.2022.09.299
M. M. Yamin, B. Katt, and V. Gkioulos, “Cyber ranges and security testbeds: Scenarios, functions, tools and architecture”, Computers & Security, Vol. 88, 2020. https://doi.org/10.1016/j.cose.2019.101636
I. Hassan, “Levereging Apache Guacamole, Linux LXD and Docker Containers to Deliver a Secure Online Lab for a Large Cybersecurity Course”, 2022 IEEE Frontiers in Education Conference (FIE), Uppsala, Sweden, 2022, pp. 1-9. https://doi.org/10.1109/FIE56618.2022.9962510
B. Nikolov and Y. Tsonev, Utilizing Moodle and Apache Open Meetings in a Learning Management System. In: SECOND CONFERENCE ON INNOVATIVE TEACHING METHODS (ITM 2017) June 28-29, 2017, Varna, Bulgaria.
I. Chakarov, “Cyber Security as Part of the Contemporary Security Environment”, NRDC-GR Herald Magazine, Iss. № 8, pp. 7-10, July 2016 – January 2017.
Downloads
Published
Issue
Section
License
Copyright (c) 2024 Borislav Nikolov
This work is licensed under a Creative Commons Attribution 4.0 International License.
