Cyber security for in-service vessel
Protecting ships through organizational and technical measures
In-service vessels are a prime target for cyber attacks, due to their often limited layers of technical and operational cyber protection. Increasing cyber safety and security measures is non-negotiable for ship owners looking to avoid cyber interference and its dangerous and expensive consequences.
Bureau Veritas has developed a comprehensive cyber security framework for in-service vessels that helps owners protect their ships and comply with cyber security regulations. By working with our subsidiary, Bureau Veritas Solutions – Marine & Offshore, owners can develop and implement a customized cyber security management system. Bureau Veritas’ experts then use key classification rules to verify the proper implementation of cyber security measures and assess vessel compliance.
- Develop a complete inventory of connected onboard and offshore systems, networks and equipment
- Undergo a cyber risk analysis to identify systems and equipment vulnerable to cyber attacks
- Develop and implement a cyber risk management policy
- Implement effective organizational and technical procedures
- Earn a CYBER MANAGED class notation
- Comply with mandatory IMO regulations for cyber risk management for in-service vessels
Define a high-level cyber security policy
To begin their cyber security journey, ship owners must develop a complete inventory of at-risk systems. This inventory covers all onboard and some onshore Operation Technology (OT) and Information Technology (IT) systems and equipment. BV Solutions M&O supports owners in mapping a holistic overview of their connected systems, paving the way for a better understanding of potential risk areas.
Undergo key cyber risk analysis
Following the mapping of IT and OT systems, in-service vessels should undergo a cyber risk analysis that assesses threats and vulnerable areas. BV Solutions M&O can help owners determine relevant risks, evaluate equipment vulnerability to attack, and assess mitigation measures to be applied.
Develop cyber risk management policy and procedures
Once a cyber risk analysis has been conducted, ship owners can develop a cyber policy and procedures for cyber risk management tailored to their in-service vessel. BV Solutions M&O supports owners in creating a cyber policy that addresses onboard cyber security rules and defines crewmembers’ roles and responsibilities, in accordance with the International Safety Management (ISM) Code.
Comply with IMO regulations for cyber security
In-service vessels must comply with IMO Resolution MSC.428 (98) which requires ships to include cyber risk management in their safety management systems. Bureau Veritas helps owners of in-service vessels verify compliance with IMO regulations, ensuring that all aspects of their cyber risk management system have been properly implemented.
Earn our CYBER MANAGED notation
Owners of in-service vessels who have successfully developed a cyber risk management system using a risk-based methodology can earn Bureau Veritas’ CYBER MANAGED class notation. This notation proves that in-service vessels are compliant with IMO regulations, so ships can continue sailing safely worldwide.