Assessing risk to cyber systems


ISM Ready


To comply with the International Maritime Organization requirements, ship managers are now expected to implement resilient cyber risk management in their onboard practices and processes.

BV Solutions M&O ensures clients’ assets are ISM Ready by supporting them through robust organization, risk analysis and procedures that enable crews to deal adequately with any cybersecurity event.

Our added-value

We bring high-level cybersecurity expertise to shipowners through in-house cyber consultants with a proven track record in project delivery worldwide

We ensure clients have a clear view of their IT and their operational technology (OT) assets and operations, along with the knowhow to respond to a cybersecurity incident

We provide a comprehensive package consisting of data collection and restitution templates, procedure document outlines, and extensive risk assessment tools

To achieve alignment with International Maritime Organization (IMO) resolution MSC 428(98), we help our clients create four critical documents. Along with appropriate crew training and awareness, these documents form the pillars of a robust, pragmatic, and adapted cybersecurity management system.

Creating the repository

As a first step toward ISM readiness, our experts list all IT/OT assets and their interconnections in a document known as the repository. This includes systems, networks and equipment, including those devices that are connected to shore.

Cybersecurity risk analysis

Based on repository information, we perform cybersecurity risk analysis that determines levels of criticality for systems and equipment. These pertain to the shipowner’s environment, constraints, and expectations. After technical and organizational mitigation measures are applied, we check that the potential residual risk remains acceptable to the shipowner.

Establishing cybersecurity policy

We aid shipowners in creating and implementing a high-level document that describes their vision of roles, rules, and responsibilities for the whole fleet. This cybersecurity policy is then made available aboard all vessels. 

Constructing the cybersecurity handbook

Finally, we support owners and operators in codifying their cybersecurity procedures for critical equipment in a cybersecurity handbook accessible to relevant crew members. It describes the course of actions to adopt for monitoring, maintenance and incident response, in compliance with the rules outlined in the cybersecurity policy.

Photo de jérome FLOURY

Global Service Line Digital Services – Smart-Engineering Manager

BV Solutions M&O

We pride ourselves on bringing shipowners to a level of compliance with regulation that they thought they could not achieve.