Maritime Cyber Risk Management Process: Case for American Liquefied Gas Carrier Item Type Thesis Authors Gu, JaHun Rights Download date 06/10/2021 14:39:39 Link to Item http://hdl.handle.net/20.500.12648/1685 (This page intentionally left blank) i Declaration This author declares the following: All materials throughout this thesis that are not own work of this thesis are identified and indicated with citations. No materials have been cited for which a degree has been conferred on me before this thesis. I have not been sponsored or supported by any organizations or institutes in writing this thesis. I have not been affiliated with any organizations or institutes the references of which are cited in this thesis. There exist no conflicts of interest throughout this thesis. I declare that the case study in chapter VIII was conducted in strict compliance to the limitations proposed to and agreed by the subject company. The contents of this thesis reflect personal views on the subject matter of this thesis which do not always correspond to and are not always endorsed by those of the State University of New York Maritime College. Signature: Date: April 1, 2021 Supervised by: Lawrence A Howard, Ph.D. State University of New York Maritime College Supervisor’s affiliation: Global Business and Transportation Supervised by: Captain Joseph Ahlstrom State University of New York Maritime College Supervisor’s affiliation: Marine Transportation Department ii Acknowledgement First, I sincerely thank my thesis supervisor, Dr. Lawrence A. Howard, for his generosity in the acceptance of my thesis proposal, supervision, and review of my thesis. His acceptance right in the middle of the rapidly tumultuous days of March 2020 under the COVID-19 pandemic played the crucial role in enabling me to continue the rest of my master’s program with little interruption. My thesis work while I work on a vessel far away from the campus must have been significantly challenged without his accommodation for his remote supervision. I also thank him for continuous support on research and engagement beyond this thesis. To my deepest regret and sadness, Dr. Howard was unable to continue his thesis supervision until the end due to a reason that I shall not disclose. However, I continue to thank Dr. Howard for all his efforts on my supervision and pray for his health and good luck all the times. I thank another thesis supervisor, Captain Joseph Ahlstrom, for assuming the final phase of thesis supervision. His graduate course on maritime cyber risk was the beginning point to writing this thesis. I thus regret to be unable to attend to the next course on maritime cyber risk management due to the COVID-19 pandemic and my seafaring career. I also thank Dr. Robert Edmonds, a faculty member of Global Business and Transportation, of State University of New York Maritime College, for his coordination in connecting Captain Ahlstrom for the assumption of the rest of my thesis supervision in the sudden event of Dr. Howard. I thank the faculty and staffs of Global Business and Transportation, of State University of New York Maritime College, for providing this master’s program and valuable lectures and ideas. Especially, I would like to express my personal gratitude to Lloyd Bistany of the Student Affairs for having provided valuable assistance on my troubles and concerns while I have been away from the campus. I sincerely thank the College for providing an asynchronous online experience with iii Blackboard without which my application and entire course of the program must have been impossible or significantly challenged under my carrier. The online delivery format of the program has enabled me to advance both my career and studies especially during the COVID-19 pandemic. As an employee, I thank my company for enabling me to sustain financial stability under this unforeseen crisis. Constant access to the Internet by a VSAT solution has played a critical role beyond description in completing my studies and this thesis even while I had been working on a vessel. The name of my company shall not be disclosed as per the agreement for the case study. I thank all authors of the bibliographies which expanded my knowledge and insights on the subject matter of this thesis. I sincerely thank IHS Markit for granting its generous permission to cite and reproduce 2020 Safety at Sea and BIMCO cyber security white paper. I thank all acquaintances and experiences made while I had stayed in New York City and travelled the USA during my stay in the campus. Despite being inadvertently interrupted due to the COVID-19 pandemic, my in-campus experience provided memorable, inspiring, and thought-provoking experiences which might be hard to obtain under my seafaring career. With these memories, I am delightful to consider the State University of New York Maritime College as my alma mater and New York City as my new home. Lastly and above all, I am thankful beyond description to my parents and brother for having supported my studies and all my decisions during this master’s program, despite challenging times which we are experiencing together. iv Abstract The entwinement of shipboard traditional and cyber assets and the unique and potentially severe hazards of a liquefied gas carrier necessitate the need of the robust implementation of a shipboard cyber risk management process. Academic research on maritime cyber risk management lack an empirical research on a shipboard system in operation and a broader coverage of regulatory and commercial insights in formulating such process. This thesis aims to propose a shipboard cyber risk management process with broader technological, regulatory, and commercial perspectives in the maritime transportation of liquefied gas cargo. Case study methodology is applied to describe the formulation and implementation of a shipboard cyber risk management process. Interpretive data collection is conducted to identify and review key stakeholders on the cyber risk management of American liquefied gas carriers and their relevant resources. A baseline of references is proposed to formulate a shipboard cyber risk management process. For this purpose, the cyberspace and vulnerabilities of the maritime industry is reviewed to identify considerations originating from a cyber environment, the maritime industry, and a vessel. Case study was conducted by reviewing documents and observing a cargo handling system commissioned on a liquefied petroleum gas carrier in operation. Asset-based risk assessment is conducted to determine quantitative risk impact value of and cyber threats to critical equipment. The study demonstrates how the integration of traditional and cyber assets in a cargo handling system introduce cyber threats and aggravate physical threats. Results demonstrates how existing company and shipboard practices can be enhanced to improve shipboard cyber resilience. v Table of Contents Declaration ....................................................................................................................................... i Acknowledgement .......................................................................................................................... ii Abstract .......................................................................................................................................... iv Table of Contents ............................................................................................................................ v List of Figures .............................................................................................................................. viii List of Tables .................................................................................................................................. x List of Appendices ........................................................................................................................ xii List of Abbreviations ................................................................................................................... xiii I. Introduction ........................................................................................................................... 1 A. Background ............................................................................................................... 1 B. Research Problem ..................................................................................................... 3 C. Research Objective ................................................................................................... 4 D. Methodology ............................................................................................................. 5 E. Thesis Overview ....................................................................................................... 6 II. Literature Review .............................................................................................................. 7 A. Overview ................................................................................................................... 7 B. Discussion ................................................................................................................. 9 C. Conclusion .............................................................................................................. 14 III. Cyberspace of Maritime Industry .................................................................................. 18 A. Digital Transformation in Maritime Transportation
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages343 Page
-
File Size-