Bridging the Gap: Enhancing Maritime Vessel Cyber Resilience through Security Operation Centers
Nganga, Allan Kevin; Nganya, George; Lützhöft, Margareta Holtensdotter; Mallam, Steven; Scanlan, Joel
Peer reviewed, Journal article
Published version
Permanent lenke
https://hdl.handle.net/11250/3112843Utgivelsesdato
2023Metadata
Vis full innførselSamlinger
- Import fra CRIStin [3772]
- Institutt for maritime studier [202]
Sammendrag
Increasingly disruptive cyber-attacks in the maritime domain have led to more efforts being focused on enhancing cyber resilience. From a regulatory perspective, there is a requirement that maritime stakeholders implement measures that would enable the timely detection of cyber events, leading to the adoption of Maritime Security Operation Centers (M-SOCs). At the same time, Remote Operation Centers (ROCs) are also being discussed to enable increased adoption of highly automated and autonomous technologies, which could further impact the attack surface of vessels. The main objective of this research was therefore to better understand both enabling factors and challenges impacting the effectiveness of M-SOC operations. Semi-structured interviews were conducted with nine M-SOC experts. Informed by grounded theory, incident management emerged as the core category. By focusing on the factors that make M-SOC operations a unique undertaking, the main contribution of this study is that it highlights how maritime connectivity challenges and domain knowledge impact the M-SOC incident management process. Additionally, we have related the findings to a future where M-SOC and ROC operations could be converged.