Course duration and level: 16 hours – Standard

Course objeCtives: 

According to the IMO Guideline MSC 96/4/1 dated 04th Feb 2016, MEASURES TO ENHANCE MARITIME SECURITY
– The Guidelines on cybersecurity on board ships, the course is designed to develop understanding and awareness
of key aspects of cybersecurity in response to the vulnerability of ships to cybersecurity risks and is not intended to
give technical guidance for the ship or personnel on board. On the basis of a risk-based approach to cybersecurity,
shipowners and operators are advised on how to assess their operations and develop procedures and actions to
maintain the security of cybersystems on board.
The course will support the company in establishing procedures, plans and instructions, including checklists as
appropriate, for relevant key shipboard operations.

Course Contents:

• Risks related to emails and how to behave in a safe manner. Examples are phishing attacks where the user clicks
  on a link to a malicious site
• Risks related to internet usage, including social media, chat forums and cloud-based file storage where data movement
  is less controlled and monitored
• Risks related to the use of own devices. These devices may be missing security patches and controls, such as anti-
  virus, and may transfer the risk to the environment to which they are connected
• Risks related to installing and maintaining software on company hardware, where the infection can be
  propagated, starting from infected hardware (removable media) or software (infected package)
• Risks related to poor software and data security practices where no anti-virus checks or authenticity verifications
  are performed
• Safeguarding user information, passwords and digital certificates
• Cyber risks in relation to the physical presence of non-company personnel, eg, where third-party technicians are
  left to work on equipment without supervision
• Detecting suspicious activity and how to report if a possible cyberincident is in progress. Examples of this are
  strange connections that are not normally seen or someone plugging in an unknown device on the ship network
• Awareness of the consequences or impact of cyberincidents to the safety and operations of the ship;
• Understanding how to implement preventative maintenance routines such as anti-virus and anti-malware, patching,
  backups, and incidence-response planning and testing
• Procedures for protecting against service providers’ removable media before they are allowed to be connected
  to the ship’s systems

Target Group

• CSO
• Ship Manager
• Security Auditor
• Security staff
• Master
• Ch. Eng
• Safety Officer
• Ch. Mate
• Ship Security Officer (SSO)
• PFSO

Attendance Certificates
RINA Academy Attendance Certificate

For more details, visit our website www.rina-academy.org