Managing maritime cyber security

In 2017 the International Maritime Organization (IMO) adopted Resolution MSC.428(98), which requires that a ship’s Safety Management System (SMS) should take into account cyber risk management in accordance with the objectives and requirements of the International Safety Management (ISM) Code. The ISM Code requires internal audits at least every 12 months plus an annual endorsement of the Document of Compliance.

Maintaining compliance with the ISM Code requires knowledge and awareness of both shore and ship based cyber related issues. Maritime cyber security is a rapidly changing landscape where no two shipping companies are identical and the wide range of conditions in which vessels operate are equally unique. To help you maintain the cyber elements of a ship’s SMS and ensure continuing compliance with the ISM Code you need a trusted expert partner who understands your business. A partner with a deep understanding of maritime operations at sea and onshore and with extensive cyber security know-how.

Cybertechnologies have become essential to the operation and management of numerous systems critical to the safety and security of shipping and protection of the marine environment.

IMO MSC-FAL.1/Circ.3, July 2017

Our cyber security solution for maritime operations

Wärtsilä Cyber services relies on industry best practices to safeguard your service operations and onboard systems throughout their lifecycle. We help you to develop the resilience you need to defend against and recover from any form of cyber interference.

Maintaining cyber resilience is a continuous process that should never be thought of as completed. We help you to understand the current cyber security status of your operational environment and provide actions to mitigate identified cyber risks. Our services enable a systematic 360-degree approach to cyber security risk mitigation, from assessing your current cyber posture to implementing cyber controls and lifecycle services.


  • Identify your cyber risks and understand the actions needed to mitigate them
  • Maintain an auditable and managed programme to control your cyber security threats
  • Ensure preventative protection of your installation against cyber risks and safeguard products and service operations 
  • Recover quickly from cyber attacks and maintain resilience to ensure maximum operational uptime and availability while increasing the reliability of your industrial control system (ICS) assets 
Marine image cyber services

A purpose-built solution for the marine industry

Wärtsilä’s approach to ICS cyber security is based on the guidance and requirements put forward by number of maritime classes, international IEC cyber security standards and best practices such as:

  • ABS: Guidance notes on the Application of Cybersecurity Principles to Marine and Offshore Operations
  • BIMCO: Guidelines on Cyber Security Onboard Ships
  • DNV: Recommended Practice for Cyber Security Resilience Management
  • IAPH: Cybersecurity Guidelines for Ports and Port Facilities
  • IEC-61162-460: Maritime navigation and radiocommunication equipment and systems - Digital interfaces - Part 460: Multiple talkers and multiple listeners - Ethernet interconnection - Safety and security
  • IEC 62443: Security for industrial automation and control systems
  • IET: Code of Practice, Cyber Security for Ships
  • IMO MSC-FAL.1: Guidelines on Maritime Cyber Risk Management
  • IMO MSC.428(98): Maritime Cyber Risk Management in Safety Management Systems

As an original equipment manufacturer (OEM) and service provider, Wärtsilä has a thorough understanding of vessel systems and can therefore provide complete lifecycle support to help you mitigate cyber security risks. Our wide global service network of skilled service engineers, extensive cyber security expertise, and strategic partnerships help to keep your vessels/fleet and maritime systems safe.

Cyber services

Cyber assessment

Cyber assessment

Assess your current situation and understand where you are in terms of cyber risks, compliance gaps or technical vulnerabilities.

Cyber foundation

Cyber foundation

Establish the foundation for your cyber risk management by setting up a cyber security management system, governance and policies.

Cyber protection

Cyber protection

Implement procedural and technical controls and system upgrades to reduce cyber risks.

Cyber recovery

Cyber recovery

Maintain cyber security resilience with active threat monitoring and effective incident response procedures with the help of Wärtsilä Product Security Incident Response Team (PSIRT) and our global service network.

Wärtsilä Vulnerability management

Wärtsilä ICS vulnerability management services provide procedures for you to manage vulnerabilities, mitigate risks and run your operations more securely. Wärtsilä ICS vulnerability management services belong to the Cyber protection module and consists of following Cyber services:

  • Wärtsilä ICS vulnerability advisory
  • Wärtsilä ICS patch validation
  • Wärtsilä ICS patch deployment

Benefits of vulnerability management:

  • Ensure that Wärtsilä provided equipment is secure
  • Outsource the need for vulnerability tracking
  • Obtain managed cyber security and mitigation processes
  • Obtain auditable vulnerability management process
  • Meet your regulatory and compliance requirements

Wärtsilä PSIRT

Wärtsilä Product Security Incident Response Team (PSIRT) provides cyber security vulnerability assistance and incident response for Wärtsilä’s customers. PSIRT services prevent and address cyber security incidents at vessels and off-shore locations to secure continuous business without interruptions. The incident response process begins from the initial detection of the incident and covers all phases up to and including solving the ongoing issues and providing lessons learned and suggestions for overall improvement.

Benefits of PSIRT:

  • Detects threats before they cause incidents or damage
  • Detects and resolves incidents
  • Provides incident-response services to support incident handling


16 FEB 2022 Article
5 min read

One year of IMO’s Cyber Security resolution: what has changed and the road ahead

We sat down with our Head of Cyber Security, Päivi Brunou, to...
When cyber security is second nature
28 JAN 2021 Article
4 min read

Cyber security at sea in 2021: Shift happens

The IMO affirmed changes that place greater responsibility on ship owners and operators to understand...
Teemu Eronen, Director of Cybersecurity, Wärtsilä
20 AUG 2020 Article
8 min read

In Conversation with Wärtsilä’s cybersecurity expert

The threat of cyberattacks on critical infrastructure like power plants and vessels at sea is...
Mark Milford
7 JUL 2020 Article
4 min read

Cybersecurity – 1.5 trillion reasons to take it seriously

Mark Milford, Vice President for Cyber Security at Wärtsilä, asseses the cyber security...
20 FEB 2019 Article
5 min read

Fighting the constant cyberwar

From an online questionnaire to white-hat hackers, Wärtsilä’s Cyber Assessment Service is the first step that...
Cybersecurity looks to the cloud to protect data at sea
28 FEB 2020 Article

Cybersecurity looks to the cloud to protect data at sea

When it comes to cybersecurity, it’s not just IT that needs protecting, but Operational...

Press releases

Wärtsilä Marine. Let's connect.