Cyber security constitutes a collective responsibility encompassing all ship design and operation stakeholders.
In an era dominated by smart ships, cybercriminals persistently seek vulnerabilities in communication and tracking systems to penetrate networks. Consequently, safeguarding against malware, ransomware, and other cyber threats is paramount.
Recognizing the critical importance of cyber security, regulatory bodies such as the EU are explicitly incorporating shipping into their critical infrastructure frameworks. The forthcoming IACS Unified Requirements mandate robust cyber security measures during the vessel design verification pro- cess. This entails system suppliers integrating resilient cyber security features into their offerings, while shipyards and designers prioritize cyber security in system procurement and integration.
At Posidonia 2024, where industry leaders will convene to shape the future of shipping, cybersecurity must occupy a central position in discussions surrounding innovation and sustainability. As stakeholders gather to exchange insights and foster collaborations, DNV emphasizes the pivotal role of cyber- security in driving technological advancement while safeguarding critical assets and data. DNV also highlights the relationship between cybersecurity and eco-friendly maritime solutions. By safeguarding digital systems, cybersecurity enables the seam- less integration of sustainable technologies, facilitating a transition towards greener and more efficient shipping practices.
DNV cyber security expertise is expanding rapidly
DNV’s commitment to cyber security is further evidenced by its recent acquisition (June 2023) of Nixu, a leading cyber security services provider. DNV is integrating Nixu with its own cyber security businesses to form one strong organization with more than 500 cyber security professionals dedicated to providing cyber protection solutions for demanding IT and industrial control system environments in the maritime, energy, telecommunications and financial services industries, among others.
DNV’s Call for Fortified Ship Design
As the industry converges soon in Athens to explore the latest advancements, DNV underscores the significance of fortifying vessels against emerging cyber threats, setting a precedent for resilient and secure maritime operations.
Central to our discourse is the concept of defence-in-depth, which advocates for a multi-layered approach to cybersecurity. By integrating technical, procedural, and organizational measures, ship designers can create a robust framework that mitigates cyber risks and ensures the integrity of onboard systems.
Furthermore, DNV underscores the importance of cultivating a cybersecurity culture
within maritime organizations. Through comprehensive training programs and awareness initiatives, companies can em- power their workforce to proactively identify and respond to cyber threats, thereby enhancing the industry’s overall resilience.
DNV Cyber Secure notation ensures compliance with IACS Unified Requirements
DNV’s Cyber Secure class notation serves as a beacon for compliance with the IACS Unified Requirements. By scrutinizing onboard systems, vessel design networks, and operational procedures, it offers guidance and validation of cyber security measures. Notably, the Cyber Secure Essential class notation certifies adherence to IACS UR E27 and E26 standards, underscoring its pivotal role in ensuring cyber resilience. The Cyber Secure notation, grounded in internationally recognized standards such as the IEC 62443 series, offers a comprehensive approach to cyber security across the maritime data value chain. Leveraging existing industry practices enables cost-efficient adoption of cyber security measures, ensuring robust protection against evolving cyber threats.
In conclusion, as digitalization makes great strides in the shipping world, connectivity and system integration expose ships to growing cyber risks. This means that cyber security must be engineered into the design of every new vessel. Suppliers must deliver secure systems, and yards must combine these systems into a secure, painstakingly documented overall concept that provides a strong foundation for cyber-secure operation over the vessel’s lifetime. By prioritizing cyber resilience from inception, stakeholders can mitigate cyber risks, ensure regulatory compliance, and safeguard the integrity of maritime operations.
*Senior Cybersecurity Consultant, Industrial & OT Cyber Security, DNV Maritime