Onboard Cyber Security: Building IMO-Compliant Network Management Systems

With digitalisation, the maritime sector is actively optimising its operations, increasing its productivity, and reducing its costs. This push towards digitalisation goes hand-in-hand with the growing demand for uninterrupted connectivity services onboard all types of vessels. While this is becoming vital to business continuity in a hyper-competitive global business environment, it is also increasing the exposure to cyber risks and potential service disruptions.

In light of these evolving factors, the International Maritime Organisation (IMO) adopted an International Safety Management (ISM) Code, in effect from January 2021. This resolution put forth a set of compliance recommendations to address existing safety management systems, especially noting that commercial ships with over 500 gross tonnage are required to include cyber security in their onboard management systems.

Since then, fleets across the globe have been – and are continuing to be – surveyed by third-parties to empower vessel owners with a comprehensive understanding of the cyber security exposure of their vessel. In fact, cyber security is now progressively becoming a part of formal maritime contracts. Onboard cyber security today is not just a matter of IMO compliance, but an inherent part of management strategy and the fleet planning process.

Navigating Cyber Security

From 2016 to 2021, 13 high-level and significant cyber incidents were reported in the global maritime industry. Since then, cyber-attacks in operational technology (OT) systems have increased by 900%. This means that the onboard network that manages traffic control, cranes, vessel berthing, cargo handling, safety, and security is severely exposed and can be potentially compromised. Moreover, an OT system disruption can easily spill over into the vessel’s IT system – bringing cyber operations and vessel security to a standstill.

In the last year alone, there have been 5 significant maritime cyber incidents – and these are becoming more sophisticated and malicious. In 2020, security breaches cost $4 million – an all-time record. The average cost of a data breach is expected to surpass $5 million in 2023.

Besides onboard cyber risks, today’s operational landscape includes the management of large volumes of critical data. From ship-to-shore data transfers to real-time remote vessel monitoring, maritime services are delivered over digital systems that function over both GSM and satcom. Connectivity is also a risk to the maritime supply chain. A single cyber-attack can affect multiple fleets and companies at once.

The Environmental Factor

Earlier this year, the IMO has revised its emissions strategy for the maritime sector – aiming for net zero by 2050. A checkpoint for a 40% decrease in GHG emissions has been marked for 2030. Certifications for Energy Efficiency Existing Ship Index (EEXI) and Carbon Intensity Index (CII) are mandatory since January 2023.

Essentially this means that a vessel’s operational processes will have to include such data reporting – especially keeping in mind that the IMO is actively updating co mpliance requirements across emissions as well as safety and cyber security systems. It is, thus, pertinent that the authenticity and security of data and cyber systems is maintained.

Fortunately, such cyber secure data collection has shown that, in the past three years, the maritime industry has increased the use of clean fuels, reduced air pollution, and decreased sulphur oxide emissions by 77%. A parallel uptake in cyber security policies and multi-layer coverage for fleets – anti-virus, risk control, and advanced threat protection – bodes well for the challenges being faced by the maritime sector.

IMO Cyber Security Policy

The IMO has defined five areas of cyber security measures to ensure that critical vessel systems are not compromised.

1. Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations.
2. Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations.
3. Detect: Develop and implement activities necessary to detect a cyber-event in a timely manner.
4. Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event.
5. Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.

IEC Telecom’s State-of-the-Art Cyber Security Solutions

Ensuring efficiency in cost and time, as well as maintaining the integrity of transferred data, is at the core of IEC Telecom’s cyber security solutions. These comprehensive cyber security packages are specially optimised for the maritime environment and employ multiple layers of protection to shield on-board systems from known viruses and identify potential threats.

IEC Telecom is committed to supporting maritime companies in covering a wide range of IMO requirements. Our cyber security package includes:

1. Identify: IEC Telecom’s dedicated team helps vessel operators to prioritise vessel safety, efficiency, and cybersecurity in an increasingly connected world. Our team will help you to identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations.
2. Protect: IEC Telecom’s cyber security solutions empower vessel operators to implement risk control measures and contingency plans, benefit from a free phishing penetration test, and get access to educational materials for staff and IT personnel. This innovative bespoke solution also segregates mission-critical and welfare networks.
3. Detect: IEC Telecom’s multi-layer cyber security coverage safeguards operations, including advanced threat protection, anti-virus, scanning, continuity, anti-phishing, and provision reports on threats detected.
4. Respond: IEC Telecom’s advanced threat protection system operates from a user-friendly virtual portal. Vessel operators can apply quarantine, archive, and continuity to suspicious emails, receive antivirus updates in timely manner, and more.
5. Recover: IEC Telecom’s qualified technical team will help to choose the right set of applications for the particular requirements of a vessel and offer advice on how to meet the new regulations in the most efficient manner. To ensure business continuity if a threat is successful, IEC Telecom offers various services to recover the data, including archiving, backup and restoration.

Keeping each vessel’s software up-to-date is vital for the cyber security of the entire fleet. IEC Telecom offers remote deployment of software update patches and facilitates data replication between the ship and shore to enhance cyber security measures.

OptiShield’s Advanced Cyber Security Toolkit

OptiShield offers top-tier protection for the onboard network as well as support in enforcing IMO compliance on the vessel. It is a unique cyber security offering in the market today with its 24/7 cyber response team that ensures timely and critical action against cyber-attacks. Its advanced IPS service utilises the latest threat intelligence in the market.

Vessel operators can enhance visibility and control inventories over an intuitive dashboard – investigate incidents in real-time and establish policies for automated responses. The seamless integration between the endpoint anti-virus and the next-generation firewall provides native endpoint visibility, vulnerability management, and compliance control.

OptiShield offers centralised system management. From automatically sharing data with customer endpoints to conducting sandbox analysis, administrators can quickly contain incidents and prevent further outbreaks.

IEC Telecom’s cyber security solutions come with advanced remote management capabilities. Not every vessel can have an IT specialist on board, which increases its vulnerability. IEC Telecom closes the gap, enabling remote support throughout the vessel’s journey. Satcom consultancy is not limited to security alone, but also helps customers to optimise traffic consumption, saving costs and improving the customer experience.