Cyber safety and security
A holistic, risk-based approach to asset protection
Most ships and offshore assets today have remotely accessible and digitally connected onboard and onshore systems. Increased levels of digitalization are providing key benefits to owners and operations, improving operational efficiency and asset monitoring. But they can also leave assets vulnerable to cyber attacks and cyber crime.
To protect their assets, ship owners and offshore operators must understand the scope of cyber risk for their units and develop clear cyber security and safety procedures. This is formally formally affirmed by the IMO in the MSC 428(98), and shipowners, have thereby to demonstrate that cyber risks are taken care of in their safety and security management practices.
As a next step, maritime stakeholders will also need to go beyond cyber risk management and ensure cyber security by design of their assets or equipments. To that effect, IACS has issued Recommendation 166, providing guidance on how to achieve such cyber security by design.
BV SOLUTIONS M&O HAS A IN-DEPTH UNDERSTANDING OF THESE IMO REGULATION AND IACS REQUIREMENTS.
Leveraging the compliance framework developed by BUREAU VERITAS in the form of CYBER MANAGED Class Notation, we have developed bespoke templates, tools and training materials to guide owners through the complete mapping of onboard systems and key risk assessments. Our experts can further develop all the documentation, policies and procedures required to rollout an efficient cyber risk management system and thus be ready for 2021 Cyber ISM requirements.
Finally, working within the CYBER SECURE Class Notation framework , BV Solutions M&O experts can also provide the relevant technical assistance to get prepared for cybersecurity by design, as well as to rollout penetration testing when relevant.
PREPARING ASSETS FOR CYBER SECURITY CLASS NOTATIONS
Once BV Solutions M&O has developed a complete set of cyber security documentation, owners can submit their papers to classification societies for approval. If cyber security principles are properly implemented onboard and onshore, the vessel can be granted an 1st tier additional Class Notations, such as Bureau Veritas’ CYBER MANAGED.
Going beyond cybersecurity risk management, BV Solutions M&O can also support maritime stakeholders to prepare for the next step of cybersecurity – “cybersecurity by design”, this time aiming at the 2nd tier additional Class Notations, such as BV’s CYBER SECURE.
Typically, BV Solutions M&O can:
- Support equipment provider with hardening of their systems
- Support procurement and construction with the selection of duly certified cyber security solutions,
- Support designers and yards with securing integration
- Support commissioning activities with the management of penetration tests if required