Inmarsat Maritime has launched a white paper urging maritime organisations to strengthen their cyber defences - as the industry continues to adopt connected technologies for digitalisation, decarbonisation, and crew welfare.
The whitepaper explores the International Association of Classification Societies (IACS)’ new unified requirements (URs) for cyber security. Compiled in collaboration with leading classification society and IACS member ClassNK, IACS Unified Requirements E26 And E27 – Beyond Compliance outlines the process of demonstrating compliance with the forthcoming URs.
When they come into force on 1 July 2024, E26 and E27 will establish minimum requirements for the cyber-resilience capabilities of newbuild vessels and their connected systems, respectively. While the paper reports that their implementation will provide “full visibility of a vessel’s computer assets and network infrastructure”, it also acknowledges the URs’ limitations, and the opportunities that exist for a more in-depth risk-assessment process and for organizations to apply additional attention to cyber-security policy and associated procedures.
Makiko Tani, Deputy Manager, Cyber Security for maritime classification body ClassNK, said: Best practice in addressing cyber-security requirements is to take a risk-based approach, where cyber-risk controls are implemented following a thorough risk assessment, and consider people, process, and technology in a balanced manner. Among these, the human aspect is an important link, fostering cyber hygiene through training, while defining clear roles and responsibilities within an organization. Furthermore, cyber-risk controls should be governed by the organization’s established cybersecurity policy. ClassNK continues to collaborate with industry leaders, so it contributes to helping our stakeholders streamline their cyber-risk controls and further integrate their cybersecurity policy with the organization’s governance strategy, ultimately building a cyber-resilient organization.”
Laurie Eve, Chief of Staff, Inmarsat Maritime, said: “Inmarsat Fleet Secure helps ship owners, operators, and managers to comply with cyber-security regulations including the new IACS URs while supporting meaningful enhancements across the three key areas: people and culture, network-connected systems and services, and an incident-response plan. Deployed as part of a holistic, risk-based approach, it enables organisations to embed cyber security within their connectivity strategy to keep their assets – and people – safe from online threats.”
Inmarsat’s Fleet Secure portfolio helps maritime organisations to comply with cyber security regulations including the new IACS URs. The portfolio combines three powerful components – Fleet Secure Endpoint, Fleet Secure Unified Threat Management, and Cyber Awareness Training, all aimed at proactively responding to a potential cyber threat and available to Fleet Xpress customers.
IACS Unified Requirements E26 And E27 – Beyond Compliance can be accessed here