Lloyd's List is part of Maritime Intelligence

This site is operated by a business or businesses owned by Maritime Insights & Intelligence Limited, registered in England and Wales with company number 13831625 and address c/o Hackwood Secretaries Limited, One Silk Street, London EC2Y 8HQ, United Kingdom. Lloyd’s List Intelligence is a trading name of Maritime Insights & Intelligence Limited. Lloyd’s is the registered trademark of the Society Incorporated by the Lloyd’s Act 1871 by the name of Lloyd’s.

This copy is for your personal, non-commercial use. For high-quality copies or electronic reprints for distribution to colleagues or customers, please call UK support at +44 (0)20 3377 3996 / APAC support at +65 6508 2430

Printed By

UsernamePublicRestriction

New cyber health check tool evaluates vulnerabilities throughout a ship’s lifecycle

Connected systems and cloud-based web applications have become instrumental in improving ship performance. While the benefits are undeniable, the very connectivity of these systems increases their vulnerability to cyber attacks.

Ships have already been the target of ransomware and malware attacks that have cost vessel owners time, money and credibility. The threats are constantly evolving, and shipowners need to maintain a defensive stance throughout their vessels’ lifecycles.

CHART, by Bureau Veritas, helps address these challenges by providing a comprehensive audit of a vessel’s OT/IT architecture, comprising its networks, equipment, security mechanisms and interconnections. The tool can be used at specific times during a vessel’s lifetime to give shipowners a better understanding of their digital assets, and if required, to recommend mitigation measures.

Drawing on BV’s comprehensive knowledge of the cyber security ecosystem, CHART is an additional tool in the range of what BV can provide shipowners to comply with IMO Resolution MSC.428 (98), which requires them to implement effective cyber risk management on their vessels and demonstrate it in their safety management systems. Flag authorities worldwide scrutinise vessels for compliance with this regulation, and while the approach may vary from country to country, certain requirements are universal, including the creation of a management plan detailing the basic measures used to meet cyber security rules.

Moreover, owners should have monitoring and reporting systems in place to chart incidents together with any corrective and preventive actions implemented. Most flags also require audits and specify the need for a clear division of responsibilities among onboard and onshore personnel.

CHART complements BV’s rules and notations on cybersecurity, providing the industry with a tool that ensures OT/IT architectures are correctly identified, and pinpoints existing vulnerabilities. To provide confirmation of measures taken by shipowners, BV has developed three cyber security notations that cover the full range of organisational and technical solutions they put in place:

  • CYBER MANAGED is an additional Class Notation that confirms shipowners and contractors have developed a complete map of IT and OT systems, undertaken a risk assessment, implemented mitigation measures, incorporated high-level management principles, and developed detailed onboard procedures.

  • CYBER RESILIENT is an additional Class Notation which guarantees, as of today, a vessel’s compliance with the upcoming Unified Requirement (UR) E26 from IACS that will enter into force for all contracts signed after January 1, 2024. UR E26 aims to ensure the secure integration of both Operational Technology (OT) and Information Technology (IT) equipment into the vessel’s network during the design, construction, commissioning, and operational life of the ship. It covers five key aspects: equipment identification, protection, attack detection, response and recovery.

  • CYBER SECURE also guarantees compliance with the upcoming Unified Requirement (UR) E26 but adds stringent requirements, making it the additional Class Notation chosen by pioneer owners, and designed for a new generation of hyper-connected vessels, autonomous vessels and military vessels.

CHART represents BV’s most recent effort to support shipowners with technical expertise on the cyber security ecosystem and in-depth knowledge of the highest industry standards. This helps the industry progress on its digital resilience journey with the confidence that the right safeguards are always in place to protect their systems and critical data.

Topics

UsernamePublicRestriction

Register

LL1144491

Ask The Analyst

Please Note: You can also Click below Link for Ask the Analyst
Ask The Analyst

Your question has been successfully sent to the email address below and we will get back as soon as possible. my@email.address.

All fields are required.

Please make sure all fields are completed.

Please make sure you have filled out all fields

Please make sure you have filled out all fields

Please enter a valid e-mail address

Please enter a valid Phone Number

Ask your question to our analysts

Cancel