SOME PROBLEMATIC ISSUES OF IMPLEMENTING CYBERSECURITY STANDARDS IN MARITIME TRANSPORT

Abstract

The purpose of the study is to investigate possible ways to implement and disseminate cybersecurity standards in maritime transport to meet the requirements of the International Maritime Organization. This goal is achieved by analysing the content of Resolution MSC.428(98) - Maritime Cyber Risk Management in Security Management Systems with a view to disseminating cybersecurity measures in maritime transport. The role of the Ministry of Infrastructure of Ukraine in regulatory and legal regulation in the field of maritime information security is determined. The insufficient effectiveness of the Ministry in formulating specific steps for information security and information protection, which relate to the specifics of organizing these activities in the field of maritime transport and cargo transportation, port operations, and on individual ships is proven. The content of the Law of Ukraine "On the Basic Principles of Ensuring Cybersecurity of Ukraine" was analysed. It is established that the requirements of this Law need to be adapted for competent use on a particularship or port facility. The main threats to shipboard information resources: unauthorized access to satellite information exchange channels between the ship and its control office; distortion of GPS navigation data received by the ship; unauthorized access to the satellite channel for operational control of the ship are outlined. Measures to prevent cyber risks of intruders penetrating the ship/port interface into the navigation information system, maritime operational communication system, and scheduled equipment maintenance system were identified The goals, motives, possible consequences, and risks of introducing industrial artificial intelligence systems into the operation of ships, ports, and shipping companies were revealed, and the need for a thorough audit of a shipping company covering certain areas of the artificial intelligence system was identified. The most significant results are a thorough analysis of organizational risks and an unbiased assessment of bottlenecks in the shipping company's cybersecurity system and proposals for improving the state of work in protecting the company's interests from hacker threats. The significance of the results obtained lies in the study and identification of possible ways to implement and disseminate cybersecurity standards in maritime transport to meet the requirements of the International Maritime Organization. Thus, the studies conducted have shown the need to intensify the efforts of all stakeholders to accelerate the application of the entire proposed set of cybersecurity standards in maritime transport.