Maritime Cyber Security

Maritime
Cyber
Security

Maritime Cyber Security starts with compliance with IMO MSC.428(98) and will have to be kept up as companies embrace digitization of workflow, remote surveys and inspection, and IoT-driven data analytics. Maritime digitization is not a matter of choice but of commercial survival. 

Our fully-managed Cyber Security Solution is not just about compliance but enabling our customers to run their vessels and business processes under the protection of the best cybersecurity tools and practices.
Please reach out at: [email protected].


“We are proud to be Microsoft Gold Partner

WHAT DOES IMO, NIST AND IACS SAYS?

Approaches to cyber risk management will be company and ship specific but should be guided by the requirements of relevant national, international and flag state regulations and guidelines.

Process - Cyber Security

WHAT SHALL CYBER RISK MANAGEMENT INCLUDE?

  • Identify the roles and responsibilities of users, key personnel, and management both ashore and on board
  • Identify the systems, assets, data, and capabilities that, if disrupted, could pose risks to the ship’s operations and safety implement technical and procedural measures to protect against a cyber incident, timely
  • Detection of incidents and ensure continuity of operations
  • A contingency plan which is regularly exercised
  • Some aspects of cyber risk management may include commercially sensitive or confidential information, for example the cyber risk assessment and its associated hardware and software inventories and network maps
  • Companies should, therefore, consider protecting this information appropriately, and as far as possible, not include sensitive information in their SMS.

We at Varuna Marine Can help!

At Varuna Marine Services B.V. we have been guiding our customers through the arduous process of creating and implementing a cybersecurity framework and policy which is both suitable and scalable depending on organizational needs. We leverage industry-leading threat detection algorithms for state-of-the-art protection and detection of cyber threats.

Our SOC team provides 24/7 coverage and Active Network Monitoring through implementation of CyberShell, a SaaS platform which provides best-in-class visibility of network architecture and all assets in realtime. We provide finished and actionable intelligence against existing and emerging threats in all cyber domains. Our security experts can guide you through scoping, implementation, monitoring, testing and recovery phases of cyber threats.

Our approach to Cyber Security Compliance in line with MSC.428 (98) and consist of 24/7 Active Network Monitoring: CyberShell. Our fully managed cybersecurity solution captures all cyber security-related KPIs and ensures compliance at all times. 

Our team of Cyber Security experts will carry out an annual and biannual soft and hard audit to ensure a full test of readiness against any external cyber attack.

Remote and Onsite OT & IT Systems

Coverage

  • OT and IT
  • Fleet-wide / Company-wide
  • Own Fleet
  • Managed Fleet
  • All Systems, Networks and Devices

Considerations

  • Passive OT & IT Monitoring (agentless)
  • Low Bandwidth
  • Secure Transmission

Monitoring and Alert Management

- 24/7/365 SOC Monitoring
- SAAS Models: Tier 1 - Fully Managed & Tier 2 - Subscription based
- Explanation and direction

Analytics and Reporting

- Monthly/quarterly reports
- Insights and analysis
- Summarized and actionable

Threat Hunting

- Proactive searching
- Advanced threats
- Applied threat intelligence

Finished intelligence requires the right tools, technology and domain expertise

1) Passive OT Device

- Technology partners.
- Connects to Span ports on OT networks
- Can be physical or virtual machines
- Networks are copper or fiber Ethernet
- Work with OEMs for ports and configurations
- Connectivity to CyberShell :
Alert and Connection Manager &
License Server

2) Alert Manager and Console

- Virtual computer (Linux)
- Networked to Passive OT device
- Networked to VSAT for VPN and CyberShell
- IT system log collector (optional)
- Console uses web browser
- Demonstration for client

3) Client Portal

- Secure connection to the CyberShell
- Uses the web browser (i.e., 443)
- Demonstration for client

24/7 Cyber Security call-in line and ticketing-based system available to avail.

Request a 15 minutes Demo at: [email protected]

It’s free and without any commitment!​