Forensic readiness within the maritime sector

ORCID

Abstract

Forensic investigation is an essential response strategy following a cyber-related incident, and forensic readiness is the capability to gather critical digital information and maximize its use as evidence. The effectiveness of this data is highly dependent on the readiness, quality, and trustworthiness of the data itself. Far from a passive post-analysis tool, there have been many instances where an organization has benefited from gathering, and using, digital evidence to improve their cyber-security and mitigate future incidents. This article examines the forensic readiness of the maritime sector, a core component of global trade and a unique combination of information/operational technology and people, to understand its investigation and mitigation capabilities. Once the readiness of maritime forensic investigation has been better understood, by comparing it to other sectors and using risk scenarios, this paper proposes actions toward improvement. These steps are built from established attempts to increase investigation capabilities and improve maritime cyber-security, but address the maritime sector specifically.

DOI

10.1109/CyberSA.2019.8899642

Publication Date

2019-01-01

Publication Title

2019 International Conference on Cyber Situational Awareness, Data Analytics and Assessment, Cyber SA 2019

ISBN

9781728102320

Embargo Period

9999-09-09

Keywords

Cyber, Forensic readiness, Maritime, Risk

This document is currently not available here.

Share

COinS