Understanding your risk:
Identifying, analysing and evaluating risk, by understanding how systems and information is managed and controlled between different IT (Information Technology) and OT (Operational Technology) interfaces we can work out the Likelihood vs Risk of various situations and scenarios.
"“When it comes to the governance and oversight of cyber risk, our system is broken. It’s no longer what it used to be fifteen years ago - we are dealing with higher stakes and fragile corporate reputations. As a result of this, in 2023, we will see companies double down on cyber risk management."
Source: Karen Worstell, Senior Cybersecurity Strategist, VMware
By assessing the risk exposure before and after using this methodology cyber-attacks can be reduced with appropriate protection measures and controls.
Information assets, such as networks, hardware, systems, vessel data, passwords to critical vessel infrastructure, operational technology are identified and controls implemented to protect those assets. All this should be tracked an documented to understand what devices and systems onboard could present threats to the other systems onboard or the owner and guests. "Everything connected to the network, even if it's not."
For assistance with implementing a full asset register, tracking everything on the network and fully understanding the risks associated with with each item contact us.