On 25 May 2022, the conference entitled Cyber-Resilient Ships took place at the Navalia exhibition. This event was presented by Juan Antonio Mojón, director of the software and cybersecurity area of the company Aeromarine and Armand Pascual, deputy director of the industrial cybersecurity area of the company S2 Grupo. The conference explained the evolution of cyber-attacks in the maritime sector, highlighting that they affect all actors, whether they are shipyards, ports, shipping companies, organisations or manufacturers. In addition, it was explained that both the frequency and the diversity of the nature of the attacks is growing exponentially.
IMO Resolution MSC.428(98)
The second part of the presentation focused on IMO, and how this organisation has tried to establish a basic mandatory framework for ships, through resolution MSC.428(98). This new regulation requires shipping companies to design a cyber security plan as part of the ISM. The cyber security plan described should include.
- An inventory of assets susceptible to be attacked. The recommendation is based on the critical equipment structure created by the BIMCO publication “Guidelines on Cyber Security Onboard Ships”.
- A risk analysis.
- The establishment of appropriate barriers to prevent them.
- The development of internal procedures that allow all crew members and workers to know how to act in each situation.
Advanced Maritime Cybersecurity Services
The third part of the Cyber-Resilient Ships conference focused on highlighting that the implementation of such a resolution does not protect ships from being attacked. It helps to raise awareness of what things are allowed and, above all, what actions should not be taken. To ensure that a ship is cyber-resilient, it is necessary to make an in-depth study of all systems installed on board, their integrations, possible external connections to equipment, procedures for installing and updating software, etc. At this point, Aeromarine and S2 Grupo explained their alliance to offer turnkey solutions to the different members of the naval sector.
Several of the services currently offered were also explained, such as:
- Cybersecurity from Design, a consultancy service for new constructions in shipyards.
- Cybersecuritation, for ships and active fleets
- Facilities Security Supervision, designed to maintain the level of cibersecurity of a installation, whether on land or at sea.
Moving towards Cyber-Resilient Ships
The final conclusion was that, while some companies are investing to protect their assets, the majority of the industry is still failing to implement effective measures to protect them from the growing risk of cyber-attack. Without this level of investment, it will be difficult to ensure that shipping companies have cyber-resilient ships in their fleet.
Need more Information?
Contact us and we will design the best cibersecurity solution for your needs.