Maritime

+44 (0) 161 209 5111 response@nccgroup.trust www.nccgroup.trust

For more information from NCC Group, please contact:

About NCC Group

NCC Group is a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape.

With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.

We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.

NCCGSCMARINEV10317

3 Oil & Gas Sector Oil & Gas Sector 4

Maritime systems are incredibly diverse and appear in various configurations on-board a vessel. As such, the potential for cyber security weaknesses is incredibly high. With the increasing threat of cyber attacks it has never been more important for organisations to understand what their current security posture is and how to improve it.

At NCC Group we provide a suite of strategic, technical and operational services to help you prepare, assess and respond to the cyber risks your organisation faces.

Internet-connected

bridge systems

Strategic

NCC Group’s maritime team contributed to the International Maritime Organisation’s (IMO) Guidelines for Managing Maritime Cyber Risk and the BIMCO Guidelines for Cyber Security on-board ships, two documents that are now accepted as global best practice.

During our strategic preparation service, a risk management specialist will review your existing security controls against the guidance outlined in the IMO and BIMCO standards. We then present a detailed gap analysis report, providing a clear and concise analysis of the gaps between your current policy / procedure / controls and best practice.

Key areas of focus include:

• Establishment of awareness of the safety, security and commercial risks that lack of cyber security measures represent.

• Protection of shipboard IT infrastructure.

• Authentication and authorisation management of users to ensure appropriate access to necessary information.

• Protection of data that is used in the ship environment, ensuring it has adequate protection based on sensitivity of the information.

• Management of IT users to make sure they only have access and rights to the information for which they are authorised.

• Management of communication between the ship and the shore side.

TechnicalTechnical assessment

Ships are increasingly being fitted with networking environments that allow connectivity between systems and the Internet. During our technical assessment we evaluate the security of on-board networks and systems to determine where vulnerabilities may exist that could be exploited by an attacker to gain access to data or threaten the safety of the ship. We will focus on safety-critical systems including ECDIS and GMDSS, GPS, engine and steering management and inventory control systems.

Build review

During a build review phase we undertake a comprehensive review of the operating system builds and the configuration of key components, focusing on assessing the build security quality of the devices on-board.

External infrastructure testing

Ships are often connected with shore-based systems via satellite and radio communications and they utilise various maritime data sources. All of these systems provide a potential access point for attackers to circumvent firewalls and router perimeter security to directly access and exploit other ship systems. As part of our infrastructure testing we evaluate the Internet and local broadcast systems the ship uses to communicate externally in order to identify vulnerabilities that could be used to gain access to the ship’s systems remotely.

Defence in depth

NCC Group’s defence in depth team can provide professional services to design, configure and test industry leading technologies and security controls for maritime data communications including:

• Data traffic acceleration between vessels and home corporate network.

• Caching of data content for fast retrieval time.

• Bandwidth control to prioritise critical applications.

• Web content filtering for Internet access control.

• Authentication and reporting services.

Operational

It is no longer sufficient for an organisation to rely on “if we will be attacked”, organisations have to work on the basis that “we will be attacked” and prepare accordingly.

NCC Group’s incident response service provides you with all the components you need to effectively handle and respond to a breach. Our team has the experience and capability to deal with any cyber emergency incident, from state sponsored attacks through to less sophisticated attacks that still bypass traditional network defences.

Highlights include:

• Incident response investigators on call 24/7.

• Initial telephone response triage within one-hour.

• An investigator on-site by the next business day.

• Ability to work either in conjunction with your teams or take over the whole incident investigation, liaising with suppliers and partners where necessary.

• All work carried out under Association of Chief Police Officers guidelines.

• Expert witnesses available for court proceedings.

• Assistance with public relations, crisis communication and law enforcement.

Crew Internet &

infotainment

systems

AIS, GPS,

vSat/FBB

connectivity

Engine & industrial

system telemetry

& monitoring

Lack of network

segregation

Use of USB

drives for

data sharing