Cybersecurity for newbuilds
With cyber-related risks on the rise, asset owners must introduce cybersecurity measures into their newbuilds from the design stage. The International Association of Classification Societies (IACS) suggests—and will soon impose—stringent technical design requirements on the construction yards, who are seeking help to address these challenges.
BV Solutions M&O powered by Secura ensures the successful integration and maintenance of such strict controls. We provide services to support cyber-secured design and production at construction yards and write cyber risk management reference documentation for shipowners.
OUR ADDED-VALUE
By combining our core marine and offshore expertise with Secura’s best-in-class cybersecurity knowledge, we provide superior, tailor-made services adapted to our clients’ needs
We deploy a framework for cybersecurity readiness on any type of marine or offshore asset or operation—whether subject to classification or not— thus enabling our clients to achieve the highest levels of cybersecurity
Established by experts, our thorough methodology helps us customize solutions to cater to each shipyard and builder’s needs
Assessing threat criticality and risk
Our comprehensive cyber threat assessment services start with a thorough review of asset inventory through interviews with the client. This leads to the creation of an advanced repository listing all assets. Our experts then assess the safety risks inherent to cyber threats on equipment connections, shore-to-ship data exchange, and physical installation of critical systems.
Delivering recommendations
We conduct a gap analysis of processes and implemented controls using enhanced risk assessment methods and new penetration testing (“pentesting”) powered by Secura. This ensures compliance with a variety of operational regulatory requirements at international, flag, and coastal levels.
Testing vessel cybersecurity
To check for exploitable vulnerabilities, we then conduct active pentests by simulating a cyber-attack against onboard systems as well as system updates in the shipyard. This enables us to identify potential weak points in the event of a system-engaging attack.
Deliverables
The final element of our cybersecurity service for newbuilds consists of onboard non-destructive pentesting. Our experts carry out certified tests. They also create a compliance matrix with BV NR 659, a rule intended to encourage owners to manage cyber risk, strengthen onboard procedures, protect equipment and comply with the regulation.