Cyber Security forms part of a fast moving maritime agenda with SpecTec set to play a key role in mitigating risk for the wider industry.
SpecTec were invited by leading Classification Society, Bureau Veritas, to be part of a Cyber Secure Class Notation Working Group. This includes a host of industry renowned organisations brought together to influence this agenda through a combination of collaborative thinking and best practice. The main theme relates to the safeguarding of ship operations through the application of secure practices for the use and management of technology.
Tim Rosenberger, Director of Global R&D for SpecTec said, “A ship is not just a ship anymore, it is more representative of a floating communication and IT network. The interoperable nature of technology enables effective communication across multiple systems and vessels. While this assists in delivering operational efficiencies and reducing costs, it also creates other challenges, most notably in the form of Cyber Security.”
The Working Group recently met in Paris as part of a workshop organised by Bureau Veritas. Discussions centred on the creation of a ‘Cyber Secure Class Notation’ to cover ‘Compliance and Software Registry’, ‘Events and Logs Recorder’ and ‘Onshore Fleet Cyber Security’ in three class releases for suppliers, shipyards and ship owners. The document references existing requirements and frameworks such as the National Institute of Standards and Technology (NIST), ISO 27000x and ANSSI (National Cybersecurity Agency of France).
The existing notations IACS UR E22 and SYS-COM form a comprehensive set of guidelines for software change management and the exchange of data between ship and shore. This is extended by the upcoming additional Cyber Secure Class Notation to support new needs for Cyber Safety, IT security, autonomous shipping and remote operation centers (ROC).
“It is now critical that maritime organisations factor in cyber security as part of their wider business strategy. Technology is shaping the future of our industry, however, we must safeguard against potential vulnerabilities through collaborative partnerships. Consideration needs to be given to benefit versus risk,” said Rosenberger.
As part of its Cyber Security strategy, SpecTec remains committed to contributing ideas and best practice to the Working Group in the future to help customers address maritime cyber risks through AMOS software and consultancy services compliant to the new class notation.
SpecTec has recently issued its own Cyber Security and GDPR Guidelines for its core products, AMOS Business Suite and AMOS EMS. Best practice has been applied to data security and the protection of special data, with consideration given to the key areas of operational impact.
Customers are able to use existing product functionalities to enhance security (cyber) and assist with GDPR compliance.