Table-Top Exercise - Maritime Cyber Response
Table-Top Exercise Maritime Cyber Response
National level and multinational examination of cyber events, like those provided in a TTX deliver a unique platform to examine responses and gaps in authorities, response capabilities, investigative considerations, and the approach to notification. Annual exercises support improved collaboration and build trust. Exercises further support the development of a consistent, documented, and repeatable process to integrate national, international (and, as appropriate, private sector) partners to positively shape the security/response environment. Awareness of existing source documents, involved agencies, and coordinating mechanisms to maritime cyber threats helps to create alignment and awareness for the varied frameworks.
Cybersecurity threats in the maritime industry induce additional challenges by crossing the interlocking priorities, practices, and domains. Increasingly, these transboundary threats demand transboundary cooperation and coordination. Tabletop exercises are a powerful tool for aligning expectations, building common ground, and exploring potentially thorny obstacles to effective cooperation.
This TTX features scenario-based discussions that examine navigational software disruptions; malware targeting critical port infrastructure; and national-level information sharing, public-private cooperation, and multilateral information sharing considerations. Additional discussion will further examine the intersection of an array of government offices (e.g., operational, regulatory, investigative, diplomatic, and legal), the private sector (e.g.,port and terminal operators, shipping industry associations, maritime insurance companies); and partner nations. The discussion will provide participants with an opportunity to analyse challenges to improve awareness, capacity building, and ensure that stakeholders are not confronted with a cyber-threat for the first time when it needs to be addressed.
Substantive focus areas that will be raised in this discussion include highlighting the importance of timely notification or reporting of cyber incidents; dilemmas between recovering the affected systems as quickly as possible versus leaving the evidences for digital forensics investigations; process for information acquisition and exchange; determining an end-state; identifying the government agencies potentially involved in the response to malicious cyber activities; facilitating the timely exchange of information within a government and among nations; determining what can be shared and with whom; how government can share higher classification information with private organizations in order
to help them to protect their systems better when encountering imminent threats; protecting information; building trust; and public statements/warnings.
The overarching objectives are to demonstrate the value of exercises as an element of the cyber incident response process, to build up the bedrock of cooperation that will be called upon in times of crisis, to explore varied perspectives on exercises, and to share best practices in managing competing response interests.
Featuring
Brian Wilson
U.S. Global MOTR Coordination Center; U.S. Coast Guard/U.S. Department of Homeland Security
Brian Wilson is the Deputy Director of the Global Maritime Operational Threat Response (MOTR) Coordination Center, the U.S. Government’s office that aligns the response to maritime threats that could include malicious maritime cyber activities. He earned a ...
Read MoreMan Jun Hoe
Head of Joint Operations Readiness Division Cyber Security Agency of Singapore
Man Jun Hoe is the Head of the Joint Operations Readiness Division (JORD) in Cybersecurity Agency of Singapore. JORD ensures the operational readiness of CII sectors, including the maritime sector, to manage cybersecurity incidents through the national cyber ...
Read MoreMichael Wurster
U.S. Global MOTR Coordination Center (GMCC) U.S. Coast Guard/U.S. Department of Homeland Security
Michael Wurster serves as a facilitator in the U.S. Global Maritime Operational Threat Response (MOTR) Coordination Center (GMCC), the U.S. Government’s office that aligns the response to maritime threats. He is an active-duty U.S. Coast Guard officer with a ...
Read MoreCommander Brendan Sullivan
Staff Judge Advocate U.S. Coast Guard Cyber Command
Commander Sullivan is the Staff Judge Advocate for Coast Guard Cyber Command where he works with dedicated legal professionals who provide advice and legal services to Commander, CG Cyber and over five hundred personnel. Their efforts support cyberspace defense, ...
Read MoreMatthew Parker
Head of Maritime Security Strategy, Threat & Risk UK Department for Transport
Matthew is an experienced security professional and risk manager. At the beginning of his government career Matthew delivered cyber security training to information risk owners and senior officials. Helping develop more consistent, comprehensive approaches to ...
Read MoreRyan Chen
Head of Digital Forensic & Incident Response Group Cyber Security Agency of Singapore
Head of Digital Forensic & Incident Response Group, National Cyber Incident Response Centre – Cyber Security Agency of Singapore Ryan is the Head of the Digital Forensic & Incident Response (DFIR) group in the National Cyber Incident ...
Read MoreSee Yongyun
Chief Information Security Officer Jurong Port (JP) Singapore
See Yongyun oversees JP’s cybersecurity posture and is responsible for building up the organisation’s cyber resiliency towards evolving cyber threats. In this role, he focused on assessing risks and ensure they are monitored and minimised. He also ...
Read MoreLionel Chew
Assistant Director, Cyber Capability Development, Maritime and Port Authority of Singapore (MPA)
Mr Lionel Chew drives cybersecurity capability development for MPA to maintain Singapore’s position as a safe and secure global hub port. He and his team initiate and develop programmes for stakeholders with varying degrees of cybersecurity maturity, to ...
Read More