DevSecOps Integration in Cruise Industry Systems: A Framework for Reducing Cybersecurity Incidents

Article Sidebar

View Abstract pdf download pdf View pdf
DOI https://doi.org/10.18090/samriddhi.v13i02.15
Published Dec 15, 2021
DOI https://doi.org/10.18090/samriddhi.v13i02.15

Main Article Content

Suresh Vethachalam
Centene Corporation, St Louis, USA.

Abstract

The cruise industry has undergone significant digital transformation, integrating advanced IT and operational technologies to enhance navigation, onboard services, passenger experiences, and operational efficiency. However, this rapid evolution has simultaneously expanded the cybersecurity attack surface, exposing cruise lines to increasingly sophisticated threats such as ransomware, data breaches, and system intrusions. Traditional security approaches, which often treat cybersecurity as a final-stage concern, have proven inadequate for protecting the dynamic and distributed architectures typical of maritime systems.
This article presents a tailored DevSecOps framework designed to embed security early and continuously throughout the software development lifecycle in cruise industry systems. By aligning continuous integration/continuous delivery (CI/CD) practices with automated security testing, infrastructure as code, and runtime threat detection, the proposed approach enables a proactive and resilient security posture. Drawing on principles of risk-based prioritization and shift-left security, the framework addresses the unique constraints of maritime operations, including intermittent connectivity, hybrid legacy systems, and regulatory compliance.
The paper also outlines implementation strategies, evaluates hypothetical use cases, and identifies measurable benefits such as reduced mean time to remediation (MTTR), improved vulnerability management, and enhanced regulatory readiness. Ultimately, it argues for a paradigm shift in how cruise operators, vendors, and regulators approach cybersecurity moving from reactive containment to integrated, preventive defense through DevSecOps.

Downloads

Download data is not yet available.

Article Details

How to Cite
Vethachalam, S. (2021). DevSecOps Integration in Cruise Industry Systems: A Framework for Reducing Cybersecurity Incidents. SAMRIDDHI : A Journal of Physical Sciences, Engineering and Technology, 13(02), 158-167. https://doi.org/10.18090/samriddhi.v13i02.15
Issue
Vol 13 No 02 (2021): SAMRIDDHI: A Journal of Physical Sciences, Engineering and Technology
Section
Articles

References

[1] Uzun, A. P. D., Uzun, Y. O., DrS, P., & Kharchenko, V. S. 23. SDN
IN CONTEXT OF DEVOPS TECHNOLOGY. Internet of Things for
Industry and Human Applications, 241.
[2] Fitzgerald, T. (2018). CISO COMPASS: navigating cybersecurity
leadership challenges with insights from pioneers. Auerbach
Publications.
[3] Fitzgerald, T. (2018). CISO COMPASS: navigating cybersecurity
leadership challenges with insights from pioneers. Auerbach
Publications.
[4] Christofferson, D. (2017). Managing Cybersecurity Risk for
the Coming Decade. In Women in Security: Changing the Face
of Technology and Innovation (pp. 23-46). Cham: Springer
International Publishing.
[5] Ojo, M. O., & Aramide, O. O. (2015, April). Various interference
models for multicellular scenarios: A comparative study. In
2015 Fifth International Conference on Digital Information and
Communication Technology and its Applications (DICTAP) (pp.
54-58). IEEE.
[6] Shkarupylo, V. V., Kudermetov, R. K., Skarga-Bandurova, I. S.,
Velykzhanin, A. Y., Shumova, L. O., Mazur, D. S., ... & Hodovaniuk,
P. A. (2019). Software de ned networks and Internet of Things.
[7] Marcu, G., Oan ă, R. M., Pleşanu, T., & Pînzariu, S. G. (2019,
October). Strategic map-planning instrument for the successful
implementation of the transformation strategy in the accepted
meaning of the balanced scorecard concept. In Romanian
military thinking international scienti c conference proceedings.
[8] Kumar, S. (2007). Patterns in the daily diary of the 41st president,
George Bush (Doctoral dissertation, Texas A&M University).
[9] Sunkara, Goutham. (2020). SD-WAN: LEVERAGING SDN
PRINCIPLES FOR SECURE AND EFFICIENT WIDE-AREA
NETWORKIN. International Journal of Engineering and Technical
Research (IJETR). 4. 10.5281/zenodo.15763279.
[10] Christo erson, D. A., Christo erson, & James. (2017). Women in
Security. Springer.
[11] Aramide, Oluwatosin. (2019). Decentralized identity for secure
network access: A blockchain-based approach to user-centric
authentication. World Journal of Advanced Research and
Reviews. 3. 143-155. 10.30574/wjarr.2019.3.3.0147.
[12] Satish Kumar Nalluri, Venkata Krishna Bharadwaj Parasaram.
(2019). Software-Centric Automation Frameworks Integrating
AI and Cybersecurity Principles. International Journal of
Engineering Science & Humanities, 9(1), 30–40. Retrieved from
https://www.ijesh.com/j/article/view/539
[13] Gill, J. (2020). Army prototyping technologies for next integrated
tactical network set. Inside the Army, 32(33), 1-8.
[14] Sunkara, Goutham. (2020). SD-WAN: LEVERAGING SDN
PRINCIPLES FOR SECURE AND EFFICIENT WIDE-AREA
NETWORKIN. International Journal of Engineering and
Technical Research (IJETR). 4. 10.5281/zenodo.15763279.
[15] Parasaram, V. K. B., & Nalluri, S. K. (2016). A Comparative
Analysis of Risk Management Frameworks in Enterprise IT
Projects. SAMRIDDHI : A Journal of Physical Sciences,
Engineering and Technology, 8(02), 147-155.
https://doi.org/10.18090/samriddhi.v8i2.7149
[16] Nalluri, S. K., & Parasaram, V. K. B. (2016). Early Approaches to
Robotic Process Automation in Enterprise Systems.
International Journal of Humanities and Information
Technology, 1(01), 12-28.
https://doi.org/10.21590/ijhit.01.01.06