Guidelines - Cyber Risk Management for Ports
This report aims to provide port operators with good practices for cyber risk assessment that they can adapt to whatever risk assessment methodology they follow. In order to achieve this, this report introduces a four-phase approach to cyber risk management for port operators, which follows common risk management principles and is mapped to the steps of the risk assessment methodology that is laid out in the ISPS Code and relevant EU legislation for Port and Port Facility Security. For each of these phases, this report provides actionable guidelines to assist port operators in their efforts, lists common challenges associated with the performance of the relevant activities, good practices that can be readily adopted and customised by individual organisations and a mapping of the listed good practices for each phase with the respective challenges they address.
- Published
- Language