Two Leading Peripheral Maritime Industry Interests Offer Advice on Avoiding the Cyber Criminals

FRANCE – WORLDWIDE – Cyber-crime now poses the most serious threat to the maritime sector above all others. The illicit activity can ruin companies through malicious hacking of financial records, expose them to blackmail with the potential loss of billions or simply destroy the ability of their websites to handle traffic.

Perhaps even worse though is the danger that internet pirates pose to vessels actually at sea. With modern vessels everything on the bridge relies on the communications, both on board, safety systems, engineering, navigation etc., all linking to equally vulnerable shore side operations.

It is fitting therefore that now we see two organisations peripheral, yet vital, to the industry coming together to take the fight to the criminals. Bureau Veritas (BV) sets the standards for the testing, inspection, and certification of ships whilst BESSÉ offers consultancy services in the realms of insurance, aiming to eliminate or minimise damage to both client and insurers.

The new partners intent is to support ship owners with tailored solutions to improve their cyber security and cyber insurance, combining their complementary expertise to help shipping stakeholders manage the risk of cyber-attacks, which has risen in recent years, particularly for ship owners. This will also be key to help them comply with IMO and IACS requirements.

Bureau Veritas helps ship owners and operators develop and implement an effective cyber security strategy on ships and ashore. To this end, BV has developed a set of rules (NR 659) which make up a framework for assessing maritime cyber security. This framework enables BV to assess the level of cyber risk for ship owners/operators and to recommend organisational, technical and procedural measures to reduce this risk to an acceptable level. This process includes:

• conducting a complete inventory of equipment, systems and networks connected at sea and on land
• conducting a cyber risk analysis to identify vulnerable systems and equipment
• developing and implement a cyber risk management policy
• ensuring the effective implementation of technical and organisational procedures
• enabling ship owners/operators to ensure compliance with IMO cyber security requirements
• validating the management of cyber risk on board through an additional Class Notation

BESSÉ then responds to the identified risks through insurance solutions, by helping ship owners transfer part of the cyber risk to insurers. As many insurance companies now require their clients to demonstrate high standards for cyber risk management, BESSÉ builds on the results of the systems optimisation achieved though BV’s rules to assist its clients in presenting these risks to insurers. Gildas Tual, Director of BESSÉ Maritime and Logistique, said:

"Managing cyber risk is still a new challenge for companies in general, and ship owners and operators in particular. This is why we are delighted to partner with Bureau Veritas to offer tailor made solutions for our clients.”

This partnership is in line with several initiatives in this field. For several years, shipping companies have been regular targets of intrusions and attempted attacks on their information systems. Coming together under the Secretariat General de la Mer, several French stakeholders are providing a coordinated response.

Working in parallel to IMO’s work on adapting regulation to help ship owners put appropriate protection measures in place, the Cyber Council of the Maritime World (C2M2) was created, of which BESSÉ and BV are members. Moreover, a France Cyber Maritime Association was created at the end of 2020. Matthieu de Tugny, President of Bureau Veritas Marine & Offshore, concluded:

"Thanks to our experience and expertise in maritime cyber security, which we deliver every day to our clients around the world, Bureau Veritas is now able to provide BESSÉ with parameters for assessing the cyber resilience of a ship or a fleet. This evidence-based picture provides the basis for the insurance industry to meet the new expectations of ship owners and operators.”

The new partnership was announced on the first day of European Cyber Week 2021 which spent the session examining the strategies and actions required to increase the security of the maritime and port sectors.

Photo: With almost total reliance on GPS these days hackers can give false information regarding a vessel’s actual position to the ship’s operating systems.