Managing maritime cyber security

”Cyber security is being recognised as an increasingly important factor in the reliable and safe operations of a connected maritime industry. As an evolution of the earlier International Maritime Organization (IMO) resolution to incorporate cyber risk management in the Safety Management System (SMS), new regulations and requirements are being progressively enforced. The IACS UR E26 and E27 requirements are being mandatory compliance requirements from July 2024 onwards.

Maintaining compliance with the cyber security regulations and requirements calls for knowledge and awareness of both shore and ship based cyber related issues. Maritime cyber security is a rapidly changing landscape where no two shipping companies are identical and the wide range of conditions in which vessels operate are equally unique. To help you maintain your cyber resilience and ensure continuing compliance with the regulations and requirements you need a trusted expert partner who understands your business. A partner with a deep understanding of maritime operations at sea and onshore and with extensive cyber security know-how.”

Together towards IACS cyber requirements

Our cyber security solution for maritime operations

Wärtsilä Cyber services relies on industry best practices to safeguard your service operations and onboard systems throughout their lifecycle. We help you to develop the resilience you need to defend against and recover from any form of cyber interference.

Maintaining cyber resilience is a continuous process that should never be thought of as completed. We help you to understand the current cyber security status of your operational environment and provide actions to mitigate identified cyber risks. Our services enable a systematic 360-degree approach to cyber security risk mitigation, from assessing your current cyber posture to implementing cyber controls and lifecycle services.

Benefits

Identify your cyber risks and understand the actions needed to mitigate them
Maintain an auditable and managed programme to control your cyber security threats
Ensure preventative protection of your installation against cyber risks and safeguard products and service operations
Recover quickly from cyber attacks and maintain resilience to ensure maximum operational uptime and availability while increasing the reliability of your industrial control system (ICS) assets

A purpose-built solution for the marine industry

Wärtsilä’s approach to ICS cyber security is based on the guidance and requirements put forward by number of maritime classes, international IEC cyber security standards and best practices such as:

ABS: Guidance notes on the Application of Cybersecurity Principles to Marine and Offshore Operations
BIMCO: Guidelines on Cyber Security Onboard Ships
DNV: Recommended Practice for Cyber Security Resilience Management
IACS UR E27: Cyber resilience of on-board systems and equipment
IAPH: Cybersecurity Guidelines for Ports and Port Facilities
IEC-61162-460: Maritime navigation and radiocommunication equipment and systems - Digital interfaces - Part 460: Multiple talkers and multiple listeners - Ethernet interconnection - Safety and security
IEC 62443: Security for industrial automation and control systems
IET: Code of Practice, Cyber Security for Ships
IMO MSC-FAL.1: Guidelines on Maritime Cyber Risk Management
IMO MSC.428(98): Maritime Cyber Risk Management in Safety Management Systems

As an original equipment manufacturer (OEM) and service provider, Wärtsilä has a thorough understanding of vessel systems and can therefore provide complete lifecycle support to help you mitigate cyber security risks. Our wide global service network of skilled service engineers, extensive cyber security expertise, and strategic partnerships help to keep your vessels/fleet and maritime systems safe.

Cyber services

Cyber assessment

Assess your current situation and understand where you are in terms of cyber risks, compliance gaps or technical vulnerabilities.

ICS risk assessment
ICS vulnerability assessment
ICS asset visualisation

Cyber foundation

Establish the foundation for your cyber risk management by setting up a cyber security management system, governance and policies.

ICS security foundation

Cyber protection

Implement procedural and technical controls and system upgrades to reduce cyber risks.

ICS vulnerability advisory
ICS patch validation
ICS patch deployment

Cyber recovery

Maintain cyber security resilience with active threat monitoring and effective incident response procedures with the help of Wärtsilä Product Security Incident Response Team (PSIRT) and our global service network.

PSIRT Infographic

Wärtsilä Vulnerability management

Wärtsilä ICS vulnerability management services provide procedures for you to maintain asset inventory, manage vulnerabilities, mitigate risks and run your operations more securely. Wärtsilä ICS vulnerability management services belong to the Cyber assessment and Cyber protection modules and consists of following Cyber services:

Wärtsilä ICS asset visualisation
Wärtsilä ICS vulnerability advisory
Wärtsilä ICS patch validation
Wärtsilä ICS patch deployment

Benefits of vulnerability management:

Ensure that Wärtsilä provided equipment is tracked and secure
Outsource the need for vulnerability tracking
Obtain managed cyber security and mitigation processes
Obtain auditable vulnerability management process
Meet your regulatory and compliance requirements

Wärtsilä PSIRT

Wärtsilä Product Security Incident Response Team (PSIRT) provides cyber security vulnerability assistance and incident response for Wärtsilä’s customers. PSIRT services prevent and address cyber security incidents at vessels and off-shore locations to secure continuous business without interruptions. The incident response process begins from the initial detection of the incident and covers all phases up to and including solving the ongoing issues and providing lessons learned and suggestions for overall improvement.