Specifically, the Information Assurance (IA) refers to the steps to be taken for the protection of information systems, consisting of confidentiality, integrity and availability.
In light of the rapid development of the digitalization, the shipping industry is today surrounded by increasingly complex Socio-Technical Systems (STS’s). The STS's are one perception of the complex work design that recognise the interaction between people and technology in workplaces.
STS's consist of human and social factors, tightly bound and interconnected, and the system's interconnection is the one that defines the system's performance.
The shipping sector is an example of a complex STS, keeping in mind that a vessel only functions because of a complex network of systems and people process, store and transmit critical information.
Except IA in the cyber security field, it is important to pay attention to additional cyber layers hiding along with IA.
Information Assurance consists of:
- Information states: Knowing and understanding the three states of information helps to understand what security measures you could apply.
- Cyber layers: Cyberspace no longer has perimeter boundaries and with the expotential growth of technology and connectivity it is key to understand the various cyber layers within our socio-technical enterprises.
- Security attributes: The parkerian hexad security attributes have been applied to provide assurance across all cyber layers for every information state.
In addition, it is commented that a number if businesses either are oblivious or highly complacent regarding their cyber risk exposure within this new environment.
Concluding, implementing information assurance in the information systems provides trusted, risk managed infrastructures which are safe, resilient, dependable and secure.