‘Holistic approach’ to onboard cyber security ahead of IACS requirements: Inmarsat

A new whitepaper discusses compliance with forthcoming IACS requirements and explains the importance of a holistic approach to cyber security.

When it comes into force on July 1, IACS (the International Association of Classification Societies) will establish minimum requirements for the cyber-resilience capabilities of newbuild vessels and their connected systems.

Inmarsat Maritime, a Viasat company, has launched a white paper urging maritime organisations to strengthen their cyber defences as the industry continues to adopt connected technologies for digitalisation, decarbonisation, and crew welfare.

The company believes that while IACS unified requirements E26 and E27 will play an important role in helping maritime organisations to strengthen their cyber-defences, companies should take a more holistic approach to onboard cyber security.

“We recommend that organisations concentrate their efforts and investments in three critical areas: people and culture, network-connected systems and services, and an incident-response plan,” reads Inmarsat’s statement.

While the paper reports that their implementation will provide “full visibility of a vessel’s computer assets and network infrastructure”, it also acknowledges the unified requirements’ limitations, which include opportunity for a more in-depth risk-assessment process and for organizations to apply additional attention to cyber-security policy and associated procedures.

The whitepaper explores the International Association of Classification Societies (IACS)’ new unified requirements (URs) for cyber security.

Compiled in collaboration with leading classification society and IACS member ClassNK, IACS unified requirements outlines the process of demonstrating compliance with the forthcoming requirements.

Inmarsat’s Fleet Secure portfolio, which combines three components Fleet Secure Endpoint, Fleet Secure Unified Threat Management, and Cyber Awareness Training, helps maritime organisations to comply with cyber security regulations including the new IACS requirements.

The aim of the portfolio is to proactively respond to a potential cyber threat.