Abstract:
The occurrence of NotPetya cyber-attack incident which targeted Maersk maritime shipping company in 2017 is considered as a wake-up call for the maritime sector. Not only it affected cyber realm, it did affect the physical realm as the attack had caused financial loss for the company and hampered the company’s operational activities. Other than Maersk, Europe has also experienced the Danish Shipping Authority (2012) and Port of Antwerp (2013) cyber-attack. These three incidents have demonstrated the severity of impacts resulted from a maritime cyber-attack. To prevent and mitigate the cyber and cyber-physical impact of this issue, a clear policy or guideline should be set. Hence, this thesis aims to analyze how EU implements its role under ENISA to develop maritime cyber security capability of Europe in order to have better risk management and mitigation against cyber-attack in maritime sector particularly the shipping line industry. The specific timeframe is set from 2017-2018. The methodology used in this study is qualitative methodology based on primary and secondary sources. In the end, the author finds out that After Maersk cyber-attack incident, mostly ENISA gives expert assistance in conducting working programs that have been going on for a long time. The release of two applicable guidelines for port cybersecurity and port cyber risk management has showed the seriousness of EU toward this issue. it is expected that it will bring overall changes and improvement in the sector regarding maritime cybersecurity prevention and mitigation in the region.
