Strengthening Cyber Resilience - Key updates and compliance strategies for maritime operations
In recent months, the shipping industry has seen a significant rise in cyber-attacks, largely driven by geopolitical tensions. State-linked hackers are increasingly targeting global trade, as highlighted by a recent Financial Times article1.
As part of a comprehensive approach to maritime cyber security, safeguarding operations and critical assets from these evolving threats has become our top priority. With the integration of Diverto’s advanced IT and OT security solutions into our portfolio, we are equipped to support our customers in navigating regulatory compliance and strengthening their cyber defences.
The maritime cyber security landscape is rapidly changing, with IACS UR E26 & UR E27 mandating cyber resilience from July 2024, IMO's MSC.428(98) requiring cyber risk management in Safety Management Systems since January 2021, and the NIS2 Directive introducing stricter EU standards in October 2024. The NIST Cybersecurity Framework (CSF) also offers global guidelines to support these efforts.
Recommended Measures:
Security Testing and Assessment: Regular risk assessments and penetration tests for IT, OT systems, Wi-Fi networks, key applications, and supply chains are essential. These measures help identify vulnerabilities and ensure compliance with IACS UR E26/E27, NIST, and NIS2 regulations.
Phishing Simulations and Awareness: Regular phishing simulations, along with cyber security training and awareness programs, can help reinforce the organisation's security culture and reduce the risk of attacks.
Security Policy: Developing and continuously updating a comprehensive security policy that aligns with NIST and international standards is crucial. This ensures compliance with IMO 428, IACS UR E26/E27, and NIS2.
Incident Detection and Response: Proactive security measures, supported by a 24x7 Security Operations Centre (SOC), provide continuous monitoring and rapid response to security incidents.
CISO Role: For organisations without an in-house Chief Information Security Officer (CISO), outsourcing this role can help manage cyber security strategy, ensuring effective coordination and reporting of security activities.
The Marlink Group is committed to addressing all of the above points. Alongside our newly integrated team of experts from Diverto, we are ready to assist with security assessments and compliance. Safety and operational continuity remain our top priorities, and we offer comprehensive support to fortify defences against the growing cyber threat landscape. If you would like to request a consultation, please reach out to your Key Account Manager or fill in the form below.
To learn more about our latest acquisition of Diverto please refer to the press release from 02 July 2024.
[1]Source: Telling, Oliver. "Cyber Attacks on Shipping Rise Amid Geopolitical Tensions." Financial Times, July 28, 2024.
Protect what matters most
Don’t let your business be the next headline. Discover cutting-edge insights and actionable strategies to fortify your digital defenses.
Reach out to our cyber security experts for tailored advice and a consultation on how to protect your operations.