Cyber security for in-service vessel

Protecting ships through organizational and technical measures

In-service vessels are a prime target for cyber attacks, due to their often limited layers of technical and operational cyber protection. Increasing cyber safety and security measures is non-negotiable for ship owners looking to avoid cyber interference and its dangerous and expensive consequences.

Bureau Veritas has developed a comprehensive cyber security framework for in-service vessels that helps owners protect their ships and comply with cyber security regulations. By working with our subsidiary, Bureau Veritas Solutions – Marine & Offshore, owners can develop and implement a customized cyber security management system. Bureau Veritas’ experts then use key classification rules to verify the proper implementation of cyber security measures and assess vessel compliance.

Key benefits

  • Develop a complete inventory of connected onboard and offshore systems, networks and equipment
  • Undergo a cyber risk analysis to identify systems and equipment vulnerable to cyber attacks
  • Develop and implement a cyber risk management policy
  • Implement effective organizational and technical procedures
  • Earn a CYBER MANAGED class notation
  • Comply with mandatory IMO regulations for cyber risk management for in-service vessels

Define a high-level cyber security policy

To begin their cyber security journey, ship owners must develop a complete inventory of at-risk systems. This inventory covers all onboard and some onshore Operation Technology (OT) and Information Technology (IT) systems and equipment. BV Solutions M&O supports owners in mapping a holistic overview of their connected systems, paving the way for a better understanding of potential risk areas.

Undergo key cyber risk analysis

Following the mapping of IT and OT systems, in-service vessels should undergo a cyber risk analysis that assesses threats and vulnerable areas. BV Solutions M&O can help owners determine relevant risks, evaluate equipment vulnerability to attack, and assess mitigation measures to be applied.

Develop cyber risk management policy and procedures

Once a cyber risk analysis has been conducted, ship owners can develop a cyber policy and procedures for cyber risk management tailored to their in-service vessel. BV Solutions M&O supports owners in creating a cyber policy that addresses onboard cyber security rules and defines crewmembers’ roles and responsibilities, in accordance with the International Safety Management (ISM) Code.

Bureau Veritas Solutions M&O

Comply with IMO regulations for cyber security

In-service vessels must comply with IMO Resolution MSC.428 (98) which requires ships to include cyber risk management in their safety management systems. Bureau Veritas helps owners of in-service vessels verify compliance with IMO regulations, ensuring that all aspects of their cyber risk management system have been properly implemented.

Earn our CYBER MANAGED notation

Owners of in-service vessels who have successfully developed a cyber risk management system using a risk-based methodology can earn Bureau Veritas’ CYBER MANAGED class notation. This notation proves that in-service vessels are compliant with IMO regulations, so ships can continue sailing safely worldwide.