Cyber security for in-service vessel
Improving ship cyber resilience through organizational and technical measures
In-service vessels are a prime target for cyber attacks, due to their increasing connectivity – and their potentially lacking effective protection. Implementing cyber safety and security measures is non-negotiable for ship owners looking to protect their business continuity from cyber attacks.
Bureau Veritas has developed a comprehensive cyber security framework for in-service vessels that helps owners protect their ships and comply with IMO Resolution MSC.(428)98. By working with our subsidiary, Bureau Veritas Solutions – Marine & Offshore, owners can develop and implement a customized ship cyber security management system. Bureau Veritas’ experts then use key classification rules to verify the proper implementation of cyber security measures and assess vessel compliance.
- Develop a complete inventory of connected onboard and offshore systems, networks and equipment
- Undergo a cyber risk analysis to identify systems and equipment vulnerable to cyber attacks
- Develop and implement a cyber risk management policy
- Implement effective organizational and technical procedures
- Earn a CYBER MANAGED class notation
- Comply with mandatory IMO regulations for effective cyber risk management for in-service vessels
Define a high-level ship cyber security policy
To begin their cyber security journey, ship owners must develop a complete inventory of connected systems. This inventory covers all onboard and some onshore Operation Technology (OT) and Information Technology (IT) systems and equipment. BV Solutions M&O supports owners in mapping a holistic overview of their connected systems, paving the way for a better understanding of the potential cyber surface of attack.
Undergo key ship cyber risk analysis
Following the mapping of IT and OT systems, in-service vessels should undergo a cyber risk analysis that assesses threats and vulnerable areas. BV Solutions M&O can help owners evaluate how critical equipment is, and assess mitigation measures to be applied.
Develop cyber risk management policy and procedures
Ship owners must develop cyber risk management policy and procedures for their whole in-service fleet. BV Solutions M&O supports owners in creating a cyber policy that addresses onboard cyber security rules, roles and responsibilities, in accordance with the International Safety Management (ISM) Code.
Comply with IMO regulations for cyber security
In-service vessels must comply with IMO Resolution MSC.428(98), which requires ships to include cyber risk management in their safety management systems. Bureau Veritas helps owners of in-service vessels verify compliance with this resolution, ensuring that all aspects of their cyber risk management system have been properly implemented.
Earn our CYBER MANAGED notation
Owners of in-service vessels who have successfully developed an effective cyber risk management system can earn Bureau Veritas’ CYBER MANAGED class notation. This notation proves that in-service vessels are compliant with IMO regulations, so ships can continue sailing safely worldwide.