Compliant with the IMO
Cybersecurity Assessment : The IMO requests to have cybersecurity assessment on yachts from 2021. Please, don’t consider this recommendation just as another new rule to comply by. This is a unique opportunity for captain and officer to discover their yacht and crew from a very unusual point of view… and finally very rich and useful.
- Detailed report of the audit
- Executive summary
- Cybersecurity dashboard
- Findings and recommendations
- Cyber action plan (CSP)
- Macro-IT architecture scheme
- Update of manuals and procedures
- Certificate of cybersecurity assessment
Regulators, insurances or banks can also request copies of some operational deliverables in case of special situations
Cybersecurity assessment on yacht is not like PenTest IT technicians are used to performing on IT servers for companies.
Experts in cybersecurity for yachts must analyse the whole attack surface of the yacht. Of course, the crew and also external contractors are part of the attack surface.
YachtCyberSafe has developed an approach which fully complies with IMO’s requirements and provide results easy to implement and essential: good practices, procedures, awareness, toolkit for crewmates, captain’s dashboard
3 strengths of the holistic methodology YachtCyberSafe
This holistic approach has 3 advantages:
- To have a full coverage of the cyber threats
- To be compliant with the IMO 2021 regulation
- To optimize budget and resources for the best result for the owner and guests’ cyber protection
Once the assessment is completed, we generally decide during the debriefing with the Master to:
- Update manuals: SMS and SSP
- Add or update procedures