Areas of Activity
for excellence in maritime cybersecurity
Research and Innovation
At the Maritime Cybersecurity Centre of Excellence, we aim to be a leading source of knowledge, innovation, and leadership in the field of maritime cybersecurity. We strive to conduct research that addresses our clients’ immediate needs and challenges, pushes the field boundaries, and contributes to the advancement of maritime cybersecurity.
To achieve this, our research and innovation activities focus on three key areas:
- Applied research: We conduct research that addresses practical and immediate cybersecurity challenges in the maritime industry. Our research findings inform the development of customised solutions for our clients and contribute to the overall improvement of cybersecurity practices in the industry.
- Fundamental research: We conduct fundamental research that advances the theoretical understanding of cybersecurity issues in the maritime industry. This research focuses on the exploration of new ideas and concepts and the development of new methods and tools that have the potential to transform the field.
- Innovation: We promote innovation by cre-ating an environment that fosters creativity, collaboration, and experimentation. Our team is encouraged to explore new ideas, develop prototypes, and test innovative solutions that have the potential to address emerging cybersecurity challenges in the maritime industry.
Our core values inform our research and innovation activities of excellence, innovation, and collaboration. We work closely with our clients, partners, and stakeholders to ensure our research is relevant, timely, and impactful. We also believe in the importance of knowledge-sharing and collaboration in advancing the field of maritime cybersecurity, and we actively seek opportunities to collaborate with other organisations, academic institutions, and researchers to reach our common goals.
The Cybersecurity Services Area at the Maritime Cybersecurity Centre of Excellence provides comprehensive and customised cybersecurity services to public and private organisations in the maritime industry. Our services are designed to help our clients identify, mitigate, and manage cybersecurity risks and threats to their operations, assets, and data.
Our approach to cybersecurity services is based on the following principles:
- Client-centric: We prioritise the needs and requirements of our clients and tailor our services to meet their specific cybersecurity needs. We work closely with our clients to understand their business objectives, identify their cyber risks and vulnerabilities, and develop customised solutions that address their unique challenges.
- Holistic: We take a holistic approach to cybersecurity, recognising that effective cybersecurity requires a comprehensive and integrated strategy that addresses all aspects of the organisation’s operations, including people, processes, and technology. We offer a range of cybersecurity services, including risk assessments, penetration testing, incident response, and compliance assessments, to provide our clients with a comprehensive view of their cybersecurity posture.
- Proactive: We believe in the importance of being proactive in cybersecurity rather than reactive. We help our clients identify and mitigate cybersecurity risks before they become incidents by providing ongoing monitoring, threat intelligence, and risk management services.
- Expertise-driven: Our cybersecurity services are delivered by a team of experts with extensive experience and knowledge of the maritime industry and cybersecurity best practices. We stay up-to-date with the latest cybersecurity trends, threats, and technologies and leverage our expertise to provide our clients with the best possible solutions and advice.
Education and Training
The Training and Education area delivers high-quality and comprehensive training and education programs on maritime cybersecurity for various audiences, including industry professionals, academics, and students. Our programs are designed to build the knowledge, skills, and awareness necessary to address the complex cybersecurity challenges facing the maritime sector.
Our approach to training and education is based on the following principles:
- Tailored: We tailor our training and education programs to meet our audiences’ needs and requirements. Our programs are designed to be relevant, engaging, and practical and are delivered by cybersecurity experts with extensive experience in the maritime industry.
- Multidisciplinary: We recognise that effective cybersecurity in the maritime industry requires an interdisciplinary approach integrating cybersecurity with other areas such as risk management, business continuity, and regulatory compliance. Our training and education programs cover a wide range of topics, including cybersecurity fundamentals, risk management, incident response, supply chain security, and regulatory compliance.
- Collaborative: We believe in the importance of collaboration and knowledge-sharing in building a resilient maritime cybersecurity community. Our training and education programs provide opportunities for participants to interact and collaborate with each other and our cybersecurity experts, exchange ideas and experiences, and learn from real-world case studies and examples.
- Continuous: We recognise that cybersecurity is rapidly evolving and that constant learning is essential for staying ahead of the latest trends, threats, and technologies. Our training and education programs are shaped to be continuous and ongoing, with opportunities for participants to update their skills and knowledge on a regular basis.
Our training and education programs include a variety of formats, including online courses, workshops, seminars, and conferences. We also collaborate with the university staff to provide bachelor’s and master’s programs in maritime cybersecurity.
professional effectiveness through organisational flexibility
Research and Innovation Department
The Research and Innovation Department at the Maritime Cybersecurity Centre of Excellence is responsible for conducting cutting-edge research and developing innovative cybersecurity solutions for the maritime industry. The department is composed of a team of cybersecurity researchers, engineers, and analysts who deeply understand the unique challenges and threats facing the maritime sector.
The department’s primary objective is to stay at the forefront of maritime cybersecurity research and innovation to provide our clients with the best solutions and advice. The department conducts research on various topics related to our areas of interest, such as network security, data protection, supply chain security, and risk management. They also conduct threat intelligence and analysis to identify emerging cyber threats and vulnerabilities in the maritime industry.
One of the key strengths of the Research and Innovation Department is its ability to translate research findings into practical and effective cybersecurity solutions. The department works closely with the Cybersecurity Services Department to develop customised cybersecurity solutions that meet the specific needs and requirements of each client. They also collaborate with other organisations and academic institutions to foster knowledge-sharing and innovation in maritime cybersecurity.
In addition to research and development activities, the Research and Innovation Department is also responsible for disseminating its findings and knowledge to the wider cybersecurity community. This includes publishing research papers, presenting at conferences, and participating in industry forums and working groups.
Cybersecurity Services Department
The Cybersecurity Services Department at the Maritime Cybersecurity Centre of Excellence is responsible for providing comprehensive and customised cybersecurity services to public and private organisations in the maritime industry. The department comprises a team of cybersecurity experts, engineers, analysts and researchers with extensive knowledge and experience in cybersecurity and the maritime industry.
The department’s primary objective is to help clients identify, mitigate, and manage cybersecurity risks and threats to their operations, assets, and data. To achieve this, the department provides a wide range of cybersecurity services, including:
- Risk assessments: The department conducts risk assessments to identify and assess cybersecurity risks and vulnerabilities in the client’s operations, systems, and networks. Based on the assessment, the department provides risk mitigation and management recommendations.
- Penetration testing: The department conducts penetration testing to identify vulnerabilities in the client’s systems and networks. This testing helps the client understand their security posture and improve their security controls.
- Incident response: The department provides incident response services to help clients respond to and mitigate cybersecurity incidents, such as data breaches or malware attacks.
- Compliance assessments: The department conducts compliance assessments to ensure that the client’s cybersecurity practices meet industry standards and regulatory requirements.
- Ongoing monitoring: The department delivers ongoing monitoring of the client’s systems and networks to detect and respond to cybersecurity threats promptly.
The Cybersecurity Services Department works closely with the Research and Innovation Department to ensure that the latest cybersecurity research and innovation inform our services. The department also collaborates with other organisations and academic institutions to foster knowledge-sharing and innovation in the maritime cybersecurity field.
Cybersecurity Training and Education Department
The Training and Education Department at the Maritime Cybersecurity Centre of Excellence is responsible for developing and delivering high-quality and comprehensive training and education programs on maritime cybersecurity for various audiences, including industry professionals, academics, and students. The department is composed of a team of cybersecurity trainers, educators, and instructional designers who possess extensive experience and knowledge in cybersecurity and the maritime industry.
The department’s primary objective is to build the knowledge, skills, and awareness necessary to address the complex cybersecurity challenges facing the maritime sector. To achieve this, the department provides a wide range of training and education programs, including:
- Online courses: The department offers online courses on various topics related to maritime cybersecurity, such as cybersecurity fundamentals, risk management, incident response, supply chain security, and regulatory compliance. These courses are designed to be self-paced, interactive, engaging, and delivered through a state-of-the-art learning management system.
- Workshops: The department conducts seminars on specific cybersecurity topics, such as threat intelligence, vulnerability assessments, and penetration testing. These workshops are designed to be hands-on and practical, with participants working on real-world scenarios and exercises.
- Seminars: The department organises seminars on emerging cybersecurity trends and issues, bringing together industry experts, researchers, and practitioners to exchange knowledge and experiences.
- Conferences: The department participates in and organises conferences on maritime cybersecurity, providing a platform for knowledge-sharing, networking, and collaboration among cybersecurity professionals, researchers, and practitioners.
- Tabletop Exercises: The department also organises tabletop exercises to help organisations in the maritime industry prepare for and respond to cybersecurity incidents. Tabletop exercises simulate cybersecurity incidents, allowing organisations to test their incident response plans, procedures, and communication protocols in a controlled and safe environment. Our tabletop exercises are designed to be interactive and engaging, with participants working together to identify and respond to simulated cybersecurity threats and incidents. The exercises are tailored to the specific needs and requirements of the organisation and are based on real-world scenarios and case studies.
The Training and Education Department works closely with the Cybersecurity Services Department to ensure that the latest cybersecurity practices and trends inform our training and education programs. The department also collaborates with other organisations and academic institutions to foster knowledge-sharing and innovation in the maritime cybersecurity field.
Our Commandments For Cybersecurity Ethics
1. Respect human rights and protect individuals’ privacy: We believe cybersecurity must be committed to human rights and individual privacy. We recognise the importance of protecting the personal information of individuals and ensuring that cybersecurity measures do not infringe on their fundamental rights.
2. Comply with legal standards and consecrated codes of practice: We recognise that compliance with legal standards and established codes of practice is essential to maintaining our clients’ and stakeholders’ trust and confidence. We are committed to upholding the highest ethical and professional standards in all aspects of our work.
3. Do not use technology to harm other people: We believe that technology should be used to promote the greater good and advance human progress. We reject the use of technology to harm or exploit other people and are committed to using our expertise to promote cybersecurity and protect against cyber threats.
4. Protect society and the common good: We believe cybersecurity is critical to protecting society and the common good. We recognise the importance of working together with our clients and stakeholders to develop and implement effective cybersecurity measures that promote safety, security, and resilience.
5. Be reliable, keeping and upholding trusted connections with people: We believe reliability and trust are essential to building and maintaining strong relationships with our clients and stakeholders. We are committed to being reliable and upholding the trust that has been placed in us.
6. Have a plan for coordinated vulnerability disclosure, preventing them from exposing the intended assets to cyber threats. Our goal is to prevent vulnerabilities from exposing intended assets to cyber threats and ensure that any vulnerabilities are addressed responsibly and on time.
7. We believe that coordinated vulnerability disclosure is essential to maintaining the security and integrity of our clients’ systems. We are committed to working with our clients and stakeholders to develop effective plans for identifying, assessing, and addressing vulnerabilities responsibly and promptly.
8. We recognise the importance of maintaining privacy and confidentiality in all aspects of our work. We are committed to disclosing data on a need-to-know basis and ensuring that sensitive information is always protected.