Cybersecurity, deltid

Schedule

Semester start: May 2025

Semester end: 15. November 2025

All mandatory assignments must be completed within the 15th of November. 

Course content

• Current threat situation. How serious is the current cyber security threat situation in the maritime sector today? Which way is it trending? Who are most at risk for cyber-attacks in the maritime industry today, and what are the consequences for the individual sailors versus the big shareholders at the top?
• The Overarching Cyberthreats of Modern-Day shipping. Cyber threats that modern shipping faces, from malware targeting operational systems to sophisticated social engineering attacks aimed at crew and port personnel. Human error is often cited as being one of the most significant risk factors in cyber security breaches. What kind of training gaps exist for ship crews in cyber security, and how can someone unintentionally allow a cyber security breach as a result?
• The global standard for cybersecurity. The world has become increasingly digitalized in the last thirty years; what have the standards in the industry been so far and how do these standards ensure protection against cyber threats? 
• Threats and digital transformation. With the maritime industry increasingly embracing digital solutions, what are the overarching cybercity challenges that come with this technological advancement?
• The psychology behind cyber-attacks. Who is behind most attacks on the maritime sector? What is the psychology behind cyber-attacks? How do they choose their victims? What psychological tactics do they use to take advantage of the industry they attack?
• Common attach methods; Ransomware, GPS Spoofing and OT System attacks. 
• Threats within the value chain. A cyberattack on a single entity within the maritime, be it a supplier or a service provider, can escalate into a global issue. It could affect fuel prices, consumer goods availability, and even economic stability in some regions.
• Security events - handling. What are some of the key steps companies can take to prepare for and prevent security breaches? What is the process and technology used in the maritime industry to identify and detect a cyber security event? What are some effective containment strategies that maritime companies can employ to minimize the impact of a security breach?
• Security events - costs. What are the direct costs typically incurred by maritime companies in the wake of a cybersecurity breach, including emergency response, system recovery, and legal battles? What are the costs and considerations maritime companies should weigh when deciding whether to pay a ransomware demand or deal with the aftermath or not paying? How do security events affect the reputation of a maritime company, and what are the long-term financial implications of a breach in terms of reputation, trust, and partnership stability?
• Training for threat managing and handling. What are the core principles of cyber threat management that maritime organizations should build their security strategies on? I.e. simulation and scenario-based training and cypersecurity awareness training. 
• Insiders. What constitutes an insider threat in the maritime industry, and why are these threats so significant? I.e. misuse of access privileges, unauthorized sharing of sensitive information, and the introduction of malware through unsafe practices. What strategies can maritime organizations implement to mitigate the risks posed by insiders effectively?
• Social engineering - manipulating individuals into giving up confidential information. Why is the maritime industry, with its complex network of logistics and operations, particularly vulnerable to such tactics? How can maritime organizations build a culture that is resilient to social engineering attempts and what role does staff training play in this?