Preparing for maritime cyber security

In 2017 the International Maritime Organization (IMO) adopted Resolution MSC.428(98), which requires that a ship’s Safety Management System (SMS) should take into account cyber risk management in accordance with the objectives and requirements of the International Safety Management (ISM) Code.

In practice this means that vessel owners need to identify and manage cyber risks now in preparation for the first annual verification of the company’s document of compliance after 1 January 2021. To mitigate the risks and be ready for 2021, you need an expert partner with the right combination of maritime industry and cyber security know-how.

Cybertechnologies have become essential to the operation and management of numerous systems critical to the safety and security of shipping and protection of the marine environment.
IMO MSC-FAL.1/Circ.3, July 2017

Our cyber security solution for maritime operations

Wärtsilä Cyber services relies on industry best practices to safeguard your service operations and onboard systems throughout their lifecycle. We help you to develop the resilience you need to defend against and recover from any form of cyber interference.

Maintaining cyber resilience is a continuous process that should never be thought of as completed. We help you to understand the current cyber security status of your operational environment and provide actions to mitigate identified cyber risks. Our services enable a systematic 360-degree approach to cyber security risk mitigation, from assessing your current cyber posture to implementing cyber controls and lifecycle services.


  • Identify your cyber risks and understand the actions needed to mitigate them
  • Maintain an auditable and managed programme to control your cyber security threats
  • Ensure preventative protection of your installation against cyber risks and safeguard products and service operations 
  • Recover quickly from cyber attacks and maintain resilience to ensure maximum operational uptime and availability while increasing the reliability of your industrial control system (ICS) assets 

A purpose-built solution for the marine industry

Wärtsilä’s approach to ICS cyber security is based on the international IEC 62443 cyber security standard and best practices. Our service approach can be tailored according to marine guidelines on cyber security such as:

  • BIMCO: Guidelines on Cyber Security Onboard Ships
  • ABS: Guidance notes on the Application of Cybersecurity Principles to Marine and Offshore Operations
  • DNV: Recommended Practice for Cyber Security Resilience Management
  • IMO MSC-FAL.1: Guidelines on Maritime Cyber Risk Management
  • IMO MSC.428(98): Maritime Cyber Risk Management in Safety Management Systems
  • IET: Code of Practice, Cyber Security for Ships

As an original equipment manufacturer (OEM) and service provider, Wärtsilä has a thorough understanding of vessel systems and can therefore provide complete lifecycle support to help you mitigate cyber security risks. Our wide global service network of skilled service engineers, extensive cyber security expertise and strategic partnerships help to keep your critical infrastructure safe.

Cyber services

Cyber assessment

Cyber assessment

Assess your current situation and understand where you are in terms of cyber risks, compliance gaps or technical vulnerabilities.

Cyber foundation

Cyber foundation

Establish the foundation for your cyber risk management by setting up a cyber security management system, governance and policies.

Cyber protection

Cyber protection

Implement procedural and technical controls to reduce cyber risks.


Cyber recovery

Cyber recovery

Maintain cyber security resilience with active threat monitoring and effective incident response procedures with the help of Wärtsilä Product Security Incident Response Team (PSIRT) and our global service network.

Wärtsilä PSIRT

Wärtsilä Product Security Incident Response Team (PSIRT) provides cyber security vulnerability assistance and incident response for Wärtsilä’s customers. PSIRT services prevent and address cyber security incidents in ICSs to secure continuous business without interruptions. The incident response process begins from the initial detection of the incident and covers all phases up to and including solving the ongoing issues and providing lessons learned and suggestions for overall improvement.

Benefits of PSIRT:

  • Detects threats before they cause incidents or damage
  • Detects and resolves incidents
  • Provides incident-response services to support incident handling

Downloads & links

Wärtsilä ICS security foundation

Addressing cyber risks in SMS in accordance with IMO Resolution MSC.428(98)

View infographic »

Wärtsilä PSIRT

Providing vulnerability advisory and incident response

View infographic »

Wärtsilä Cyber services for marine

Wärtsilä Cyber services consist of four modules that should be continuously applied to strengthen your cyber defence.

Download brochure »

In conversation with Wärtsilä’s cybersecurity...

The threat of cyberattacks on critical infrastructure like power plants and vessels at sea is increasing...
20 August 2020
  • Twentyfour7. article

Cybersecurity – 1.5 trillion reasons...

Mark Milford, Vice President for Cyber Security at Wärtsilä, asseses the cyber security environment and...
6 July 2020
  • Twentyfour7. article

Cybersecurity looks to the cloud to...

A holistic approach to data security has helped establish Wärtsilä solutions as among the safest in the...
28 February 2020
  • Twentyfour7. article

Fighting the constant cyberwar

From an online questionnaire to white-hat hackers, Wärtsilä’s Cyber Assessment Service is the first step...
20 February 2019
  • Twentyfour7. article

Getting ready to fight the invisible...

Is cyber security in your company up to standard and safe from hackers and malware? If your answer is...
16 October 2018
  • Twentyfour7. article


Contact us

Please fill in the form, we aim to respond within 1-2 business days depending on the enquiry. For an existing installation, provide all necessary details to identify the installation and the equipment. Fields indicated with an asterisk (*) are required. 

© 2022 Wärtsilä