Ship owners’ cyber notation of choice: CYBER MANAGED
As cyber security moves into the spotlight, more and more ship owners and operators are turning to Bureau Veritas’ CYBER MANAGED notation to ensure compliance and cyber resilience.
The rise of smart and autonomous ship technology is revolutionizing the maritime industry, aiming to make operations safer, more efficient and more cost-effective. At the same time, the software controlled integrated systems driving these advanced vessels makes them more vulnerable. Ships are at risk of both cyber security breaches by ill-intentioned hackers and cyber safety incidents, the result of poorly managed systems and inadequate system protection. Both can have serious consequences, damaging companies’ reputations and costing them millions to recover their data.
Upping cyber resilience and security
To address and mitigate risk, ship owners and operators are investing in cyber resilience programs, determining ways to prevent and detect incidents while also implementing response and recovery plans. IACS’ recommendations for resilience (UR E 22) include establishing a registry of computer-based systems; managing the physical security of onboard systems; and having contingency plans for onboard computer systems. Furthermore, IMO is encouraging all maritime actors to ensure that safety management systems (SMS) which are under the IMO ISM Code, cover cyber risk management by 2021.
To help ship owners and operators comply with industry requirements and best practices, Bureau Veritas has developed the CYBER MANAGED notation. Our pragmatic approach to cyber security focuses on the implementation of manual security control procedures.
To be granted the CYBER MANAGED notation, ships must undergo a security risk assessment based on an initial mapping of onboard systems, which results in a practical set of mitigation measures based on system criticality. These include the development of a cyber security handbook and policy, technical protections for remote access and control networks, and staff training. In addition to verifying a more accurate picture of a vessel’s cyber security, CYBER MANAGED will enable ship owners to meet upcoming IMO requirements and prove their level of cyber management to external stakeholders.
Defining the future of cyber security
CYBER MANAGED is being applied to a growing number of ships, including entire fleets. The notation is gaining traction with ship owners across the maritime ecosystem, as well as ship managers, charterers, insurers and offshore operators. Bureau Veritas expects that more than 100 ships will be CYBER MANAGED in 2020.
As cyber security grows in importance, Bureau Veritas will continue pursuing its commitment to ship safety and leading the industry in cyber security research and development. As of 2020, Vincent Lagny, Bureau Veritas’ Head of Cyber Security & Safety, has been appointed chairman of the IACS Cyber Panel. This group aims to address cyber-related concerns and support the protection of human life, property and the marine environment, goals that Bureau Veritas shares and is committed to furthering.