Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Dr. Spyros Papastergiou, University of Piraeus (Greece)–Dept. of Informatics M. Zaharias Singular Logic (Greece) CYSM Risk Assessment Methodology.

Published byLionel Powell Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Dr. Spyros Papastergiou, University of Piraeus (Greece)–Dept. of Informatics M. Zaharias Singular Logic (Greece) CYSM Risk Assessment Methodology."— Presentation transcript:

1 1 Dr. Spyros Papastergiou, University of Piraeus (Greece)–Dept. of Informatics paps@unipi.gr M. Zaharias Singular Logic (Greece) CYSM Risk Assessment Methodology & Tool Demonstration

2  Basic Concepts  CYSM Objectives  CYSM Risk Assessment Methodology  CYSM System Architecture & Services  CYSM System Demonstration Topics

3 Commercial Ports

4

5 Objectives  O1: To introduce a targeted risk management methodology for port CIIs, taking into account the protection of physical and cyber assets. The methodology will be aligned to relevant standards and legislation.  O2: To implement, deploy and evaluate an integrated security management system (for CII operators) enabling asset modeling, risk analysis, anticipation/management of attacks, as well as stakeholders’ collaboration.  O3: To increase the collaboration between European port stakeholders towards improved management of the physical and cyber nature of CIIs in a harmonized manner.  O4: To document best practices for integrated security management of port CIIs. Accordingly, to disseminate them to maritime policy-shaping groups (e.g., ECSA, ICS-ISF) and contribute towards an acceptable, applicable Integrated Maritime Policy (IMP).

6 Consortium PartnerRole PORT INSTITUTE FOUNDATION OF STUDIES AND COOPERATION OF THE VALENCIA REGION (FEPORTS) Project Coordinator UNIVERSITY OF PIRAEUS RESEARCH CENTRE (UPRC)Technical Manager SINGULARLOGIC ANONYMOS ETAIRIA PLIROFORIAKON SYSTIMATON & EFARMOGON PLIROFORIKIS (SiLo) Technical Partner Università degli Studi di Genova (DITEN)Technical Partner Piraeus Port Authority S.A. (PPA) Pilot Valenciaport Foundation for Research, Promotion and Commercial Studies of the Valencian region (VPF) Pilot Port-of-Mykonos (POM) (subcontractor of SiLo) Pilot

7 CYSM Risk Assessment Methodology CYSM Risk Assessment Methodology is oriented:  to cover the security and safety requirements on the demanding sector of commercial ports,  to assess all the physical and cyber facilities required for the robust and uninterruptible operation of ports  physical facilities such as buildings, platforms, gates, marinas, data centers, platform  cyber facilities such as networks, equipment, satellites, servers, relay stations, tributary stations, information, etc.

8 Requirements CYSM Risk Assessment Methodology should satisfy:  Compatible with standards (e.g. ISO27001, and ISPS code)  Multi-scope analytic: Be able to perform risk analysis using different scopes  Collaborative: Ensures collaboration among all port users  Broad analytic: Analyses sectoral, interconnected and interdependent threats  Time and resource economical: Avoids the plethora of questionnaires and frustrating interviews with all participants  Accurate: Derives accurate results  Good Functional requirements: Needs to be clear for all actors involved, precise, and measurable  Easy to implement: Easy to implement the methodology  Well documented: All steps of the methodology can be documented in clear format with clear outcomes for each step  Responsibility centric: Methodology has to be oriented to users’ role

9 General Approach of CYSM Methodology

10

11  Open Standards: adoption of peak technologies and worldwide accepted and mature standards  Interoperability: adoption of world-wide known and used open standards as the core communication protocol (Interconnection of many distributed and heterogeneous systems (Efficient & Quicker Integration)  Modularity: Complex systems consist of a large number of different modules that interact in a non-simple way, and tiers.  Reusability: all essential primary functions that can be easily reused, configured and customized in every service  Scalability & Extensibility: robust and extensible in order to efficiently support ports’ business activities  Security: five critical security requirements Authentication, Integrity, confidentiality, Non-repudiation, Availability  Privacy: support of mechanisms that provide effective and efficient management of users’ identities and access rights to the system Architectural Design Principles

12  Support for information security risk management knowledge codification  Support for information security management personalization  Support for collaboration  Role-specific content views  Descriptive approach Overall requirements

13 CYSM System Architecture

14 Security & Safety Management Services

15 Impacts for the Mediterranean Ports Raise their cyber and physical intelligence and culture Harmonize their digital security practices Improve the trust in the maritime environment Increase predictability and reduce uncertainty of business operations Provide the appropriate guidance to the ports’ personnel (selecting security countermeasures, upcoming threats, best practices and related regulations) Assist them on how to comply with legal and regulatory frameworks

16 Mykonos-GR

Download ppt "1 Dr. Spyros Papastergiou, University of Piraeus (Greece)–Dept. of Informatics M. Zaharias Singular Logic (Greece) CYSM Risk Assessment Methodology."

Similar presentations

Module N° 4 – ICAO SSP framework

Module N° 4 – ICAO SSP framework
DELOS Highlights COSTANTINO THANOS ITALIAN NATIONAL RESEARCH COUNCIL.

DELOS Highlights COSTANTINO THANOS ITALIAN NATIONAL RESEARCH COUNCIL.
Near East Plant Protection Network for Regional Cooperation & Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview on.

Near East Plant Protection Network for Regional Cooperation & Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview on.
ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.

ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
Vehicle-infrastructure integration: creating co-operative mobility systems and services Hearing EU Parliament, 22 January 2009 Hermann Meyer, CEO.

Vehicle-infrastructure integration: creating co-operative mobility systems and services Hearing EU Parliament, 22 January 2009 Hermann Meyer, CEO.
1 Moderated by Gordon Gillerman National Institute of Standards & Technology November 10, 2010 Ninth Annual ANSI-HSSP Plenary: U.S. European Collaboration.

1 Moderated by Gordon Gillerman National Institute of Standards & Technology November 10, 2010 Ninth Annual ANSI-HSSP Plenary: U.S. European Collaboration.
Enterprise Architecture. 2 Agenda What is Enterprise Architecture (EA)? Roles in EA? Why is EA Important? Tangible Benefits from EA? What Do We Need to.

Enterprise Architecture. 2 Agenda What is Enterprise Architecture (EA)? Roles in EA? Why is EA Important? Tangible Benefits from EA? What Do We Need to.
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Applying the ISO RM-ODP Standard in e-Government B. Meneklis 1, A. Kaliontzoglou 2,3, D. Polemi 1, C. Douligeris 1 1 University of Piraeus, Department.

Applying the ISO RM-ODP Standard in e-Government B. Meneklis 1, A. Kaliontzoglou 2,3, D. Polemi 1, C. Douligeris 1 1 University of Piraeus, Department.
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
The Knowledge Resources Guide The SUVOT Project Sustainable and Vocational Tourism Rimini, 20 October 2005.

The Knowledge Resources Guide The SUVOT Project Sustainable and Vocational Tourism Rimini, 20 October 2005.
Agricultural Biotechnology Network for Regional Collaboration and Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview.

Agricultural Biotechnology Network for Regional Collaboration and Knowledge Sharing Food and Agriculture Organization of the United Nations An Overview.
WP5 Digital Business Ecosystem Alessandra Benvenuti, INSIEL SpA (Friuli Venezia Giulia Region) ADC Final Conference Venice, March 13 th 2012.

WP5 Digital Business Ecosystem Alessandra Benvenuti, INSIEL SpA (Friuli Venezia Giulia Region) ADC Final Conference Venice, March 13 th 2012.
Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.

Justice Information Network Strategic Plan Development Justice Information Network Board March 18, 2008 Mo West, JIN Program Manager.
SecureAware Building an Information Security Management System.

SecureAware Building an Information Security Management System.
Laboratory Biorisk Management Standard CWA 15793:2008

Laboratory Biorisk Management Standard CWA 15793:2008
1 Process Engineering A Systems Approach to Process Improvement Jeffrey L. Dutton Jacobs Sverdrup Advanced Systems Group Engineering Performance Improvement.

1 Process Engineering A Systems Approach to Process Improvement Jeffrey L. Dutton Jacobs Sverdrup Advanced Systems Group Engineering Performance Improvement.
INFORMATION ASSURANCE USING C OBI T MEYCOR C OBI T CSA & MEYCOR C OBI T AG TOOLS.

INFORMATION ASSURANCE USING C OBI T MEYCOR C OBI T CSA & MEYCOR C OBI T AG TOOLS.
1 Identity and Transparency ( Bridging the GAPS of Governance Bridging the GAPS of Governance in eGov Initiatives in eGov Initiatives )‏ Badri Sriraman.

1 Identity and Transparency ( Bridging the GAPS of Governance Bridging the GAPS of Governance in eGov Initiatives in eGov Initiatives )‏ Badri Sriraman.
Regional Integration Cluster Olivier Hartmann - SSATP.

Regional Integration Cluster Olivier Hartmann - SSATP.

Similar presentations

Ads by Google