ASSESSMENT

1. Identify a stakeholder in the maritime industry (port, shipping line, oil rig platforms, ferry, autonomous ships, etc.) of your choice that has been impacted by cyber-criminals and discuss the actual and/or potential implications of the attack. 

2. Analyse and evaluate one piece of a regulatory framework that addresses the issue of cyber security, and put forward its strength and weaknesses. 
Maritime cybersecurity is that the assortment of tools, policies, security ideas, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance, and technologies want to shield maritime organizations, their vessels, and their cyber setting.

3. Make five recommendations as to what mitigation measures can be taken to against cyber-attacks
Ships are increasingly using systems that rely on digitalization, integration, and automation, which call for cyber risk management on board. As technology continues to develop, the convergence of information technology (IT) and operational technology (OT) onboard ships and their connection to the Internet creates an increased attack surface that needs to be addressed.
Challenges in Maritime Cybersecurity
While the IT world includes systems in offices, ports, and oil rigs, OT is used for a multitude of purposes such as controlling engines and associated systems, cargo management, navigational systems, administration, etc. Until recent years, these systems were commonly isolated from each other and from any external shore-based systems. However, the evolution of digital and communications technology has allowed the integration of these two worlds, IT and OT.
The maritime OT world includes systems like:
•    Vessel Integrated Navigation System (VINS)
•    Global Positioning System (GPS)
•    Satellite Communications
•    Automatic Identification System (AIS)
•    Radar systems and electronic charts
While these technologies and systems provide significant efficiency gains for the maritime industry, they also present risks to critical systems and processes linked to the operation of systems integral to shipping. These risks may result from vulnerabilities arising from inadequate operation, integration, maintenance, and design of cyber-related systems as well as from intentional and unintentional cyberthreats.
Best Practices for Mitigating Maritime Cyber Threats
In 2017, the International Maritime Organization (IMO) adopted resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management System (SMS). The Resolution stated that an approved SMS should consider cyber risk management and encourages administrations to ensure that cyber risks are appropriately addressed in safety management systems.
The same year, IMO developed guidelines that provide high-level recommendations on maritime cyber risk management to safeguard shipping from current and emerging cyber threats and vulnerabilities. As also highlighted in the IMO guidelines, effective cyber risk management should start at the senior management level. Senior management should embed a culture of cyber risk awareness into all levels and departments of an organization and ensure a holistic and flexible cyber risk management regime that is in continuous operation and constantly evaluated through effective feedback mechanisms.
In addition, BIMCO has developed the Guidelines on Cyber Security Onboard Ships, which are aligned with the NIST Cybersecurity Framework. The overall goal of these guidelines is the building of a strong operational resilience to cyber-attacks. To achieve this goal, maritime companies should follow these best practices:
•    Identify the threat environment to understand external and internal cyber threats to the ship
•    Identify vulnerabilities by developing complete and full inventories of onboard systems and understanding the consequences of cyber threats to these systems
•    Assess risk exposure by determining the likelihood and impact of a vulnerability exploitation by any external or internal actor
•    Develop protection and detection measures to reduce the likelihood and the impact of a potential exploitation of a vulnerability
•    Establish prioritized contingency plans to mitigate any potential identified cyber risk
•    Respond and recover from cyber incidents using the contingency plan to ensure operational continuity.

QUESTION  Based on the above assessment please write a suitable and appropriate:
1.    Introduction
2.    conclusions,
3.     recommendations