Inmarsat Maritime, a Viasat company, has launched a white paper urging maritime organisations to strengthen their cyber defences - as the industry continues to adopt connected technologies for digitalisation, decarbonisation, and crew welfare.
The whitepaper explores the International Association of Classification Societies (IACS)’ new unified requirements (URs) for cyber security. Compiled in collaboration with pioneering classification society and IACS member ClassNK, IACS Unified Requirements E26 And E27 – Beyond Compliance outlines the process of demonstrating compliance with the forthcoming URs.
Cyber-resilience capabilities
When they come into force on 1 July 2024, E26 and E27 will establish minimum requirements for the cyber-resilience capabilities of newbuild vessels and their connected systems, respectively.
E26 and E27 will establish minimum needs for the cyber-resilience abilities of newbuild vessels
While the paper reports that their implementation will provide 'full visibility of a vessel’s computer assets and network infrastructure', it also acknowledges the URs’ limitations, and the opportunities that exist for a more in-depth risk-assessment process and for organisations to apply additional attention to cyber-security policy and associated procedures.
Cyber-security requirements
Makiko Tani, Deputy Manager, Cyber Security for maritime classification body ClassNK, said: "Best practice in addressing cyber-security requirements is to take a risk-based approach, where cyber-risk controls are implemented following a thorough risk assessment, and consider people, process, and technology in a balanced manner. Among these, the human aspect is an important link, fostering cyber hygiene through training, while defining clear roles and responsibilities within an organisation."
"Furthermore, cyber-risk controls should be governed by the organisation’s established cybersecurity policy. ClassNK continues to collaborate with industry pioneers, so it contributes to helping our stakeholders streamline their cyber-risk controls and further integrate their cybersecurity policy with the organisation’s governance strategy, ultimately building a cyber-resilient organisation.”
Cyber security regulations
Laurie Eve, Chief of Staff, Inmarsat Maritime, said: “Inmarsat Fleet Secure helps ship owners, operators, and managers to comply with cyber-security regulations including the new IACS URs while supporting meaningful enhancements across the three key areas: people and culture, network-connected systems and services, and an incident-response plan. Deployed as part of a holistic, risk-based approach, it enables organisations to embed cyber security within their connectivity strategy to keep their assets – and people – safe from online threats.”
Inmarsat’s Fleet Secure portfolio helps maritime organisations to comply with cyber security regulations including the new IACS URs. The portfolio combines three powerful components – Fleet Secure Endpoint, Fleet Secure Unified Threat Management, and Cyber Awareness Training, all aimed at proactively responding to a potential cyber threat and available to Fleet Xpress customers.