Charting New Waters with CRAMMTS: A Survey-Driven Cybersecurity Risk Analysis Method for Maritime Stakeholders
- UNCW Author/Contributor (non-UNCW co-authors, if there are any, appear on document)
- Bilge Karabacak (Creator)
- Institution
- The University of North Carolina Wilmington (UNCW )
- Web Site: http://library.uncw.edu/
Abstract: This article presents a novel survey-based cybersecurity risk assessment model, CRAMMTS (Cyber Risk Analysis Method for Maritime Transportation Systems), specifically designed for the maritime sector, addressing a critical gap in the literature. Our study contributes significantly in three ways: firstly, through a comprehensive critical literature review of 31 maritime guidelines and 95 scholarly articles, identifying the need for a new cybersecurity risk assessment method; secondly, by developing CRAMMTS, an adaptation of the ISRAM risk analysis method, incorporating the International Maritime Organization’s criteria and enabling participation from maritime professionals, especially policymakers and leaders. The third contribution is a case study, the practical appli- cation of CRAMMTS in surveying 80 maritime professionals, assessing their perception of cybersecurity risks, and identifying varying risk levels, with the highest associated with cyber threat actors. This approach proved effective in assessing risks at both tactical and strategic levels and providing a clear, quantitative risk metric for decision-making. Our research underscores the maritime sector’s need for a holistic, easily implementable cybersecurity risk analysis method that engages leaders and adapts to various Maritime Transportation System scopes, thereby enhancing cybersecurity risk assessment in this crucial domain.
Charting New Waters with CRAMMTS: A Survey-Driven Cybersecurity Risk Analysis Method for Maritime Stakeholders
PDF (Portable Document Format)
2308 KB
Created on 8/27/2024
Views: 73
Additional Information
- Publication
- Tatar, U., Karabacak, B., Keskin, O. F., & Foti, D. P. (2024). Charting new waters with CRAMMTS: A survey-driven cybersecurity risk analysis method for maritime stakeholders. Computers & Security, 145, 104015. https://doi.org/10.1016/j.cose.2024.104015
- Language: English
- Date: 2024
- Keywords
- Maritime cybersecurity, Cyber risk assessment, Information security risk, Senior leadership engagement, Survey-based methodology, Ship cybersecurity, Port cybersecurity