Superyacht Cyber Security

Introduction

The primary mission for cyber security on a superyacht is ensuring that the guest experience is transparently fulfilled. Our experience in providing cyber security to superyachts has demonstarted to us that one size doesn't fit all and we have had to learn through trial and error which cyber security technologies, which work well on a terrestrial deployment, don't work for maritime.

CND also supply preformed packages of cyber security services, according to the size of ship, risk, or budget. (Bronze, Silver and Gold) each crafted to meet the IMO 5 elements of Cyber Risk Management for both Information Technology (IT) and Operational Technology (OT). Our Platinum package is designed for fleets of ships, where resources are shared across the fleet to save money and provide correlated cyber security situational awareness.

From the 1st of January 2021, cyber security will come under the remit of the International Safety Management System (ISM) Code, supported by the IMO Resolution MSC.428(98), requiring ship owners and managers to assess cyber risk and implement relevant measures.

Cyber Security Service Offerings

As a client you can engage CND to supply individual services, they are entirely modular and can be bespoked to your exact needs. Many clients prefer to opt for a packaged solution, these packages have been developed to suit numerous scenarios, sizes of vessel, risk apetites and budgets. 

If you have an IT Managed Service Provider (MSP), our work is complementary to theirs, we will work closely with them forming a symbiotic relationship. Our passion is for cyber security not system administration.

Some of the services from our Security Operations Centres on the Isle of Man and the UK includes:

Click Here For a Selection of CND Cyber Security Superyacht Services
  • Cyber Risk Assessment - This is an interactive workshop during which, in just over half a day, our experts will discuss 100s of cyber security controls and recommend priority actions to you.
  • Operational Technology - Ensuring that the yacht operational technologies aren't interfered with by a cyber threat.
  • Policy Enforcement - Ensuring that the crew adhere to their Acceptable Use policies which will need to vary between when they are working and for the rare events when they are relaxing (welfare).
  • Confidentiality - Ensuring that guests are afforded a level of cyber protection should they require it, whilst maintaining complete confidentiality for their online activities.
  • Open-Source Intelligence (OSInt) Monitoring – Our OSInt Team will run constant searches across the Internet looking for references to the yacht which could be confidentiality breaches, such as internal yacht images, close-up drone footage, yacht ownership, guest identification, etc.
  • Internal Vulnerability assessment - Larger yachts will have 1,000s of network devices onboard, our tools will discover, identify and report on these assets and their vulnerabilities.
  • External Vulnerability assessment - The yacht's network visibility will be regularly checked from the Internet using the same tools and techniques as a hacker, any discovered vulnerabilities will be reported, with recommendations about what could be done to mitigate them.
  • Penetration Testing - Our team of specialists will attempt to penetrate the yacht from the Internet using the same tools and techniques as hackers 
  • Firewall installation, management and monitoring - Next Generation Firewalls can be installed, managed and monitored with the latest Intrusion Prevention Systems and Advanced Malware Protection, affording an exceptional level of defence against cyber threats.
  • Our Managed Phishing Assessment service, which will send bespoke emails to the crew to gauge whether a phishing attack would be successful; this service includes training when required.
  • Bespoke operational cyber security training – This is available for crew and covers the standard Internet threats and includes training for working in high-risk environments and with VIPs.
  • Creation of a bespoke Ship Cyber Security Plan.

CND Superyacht Cyber Security Packages

Bronze Superyacht Cyber Package

This is our base offering which provides an extremely affordable package of measures which can be implemented remotely with minimal disruption to the ship. For many clients this is a first step towards cyber security and often implemented mid season before progressing through to Silver or Gold.

Compare Superyacht Cyber Security Packages

Silver Superyacht Cyber Package

The Silver Package incorporates many of the features of the Bronze Package but builds upon them using an onboard cyber security sensor, providing far greater visibility of cyber threats and protection for the ship and especially the network boundaries. 

Compare Superyacht Cyber Security Packages

Gold Superyacht Cyber Package

The Gold Package extends the Silver protection yet further from the boundary into the heart of the network, providing a defence in depth solution right down to the endpoints (desktops & laptops) and the crew. Several further technologies and managed services are included to provide an unsurpassed level of cyber security.

Compare Superyacht Cyber Security Packages

Platinum Fleet Cyber Package

Where an owner or management company has more than one ship secured by CND and where at least one of these has a Silver or Gold package installed. The overarching Platinum package may prove to be more appealling as we are able to share resources across the fleet, thereby greatly reducing the cost when compared to purchasing standalone cyber security packages for each ship. Moreover, sharing resources in this manner enables us to deploy some of the more advanced cyber security capabilities normally reserved for Silver and Gold packages down to the smaller ships in the fleet at negligible additional cost.  

Once fleets exceed a certain size, they will be allocated their own dedicated CND cyber security analyst, they will immerse themselves into the activities across the fleet and understand the normal pattern of life, providing continuity and building effective communications as the primary point of contact with the crews. They themselves will be backed up by several CND cyber security teams, each with their own fields of expertise.

Our Superyacht Experience

Since 2004, CND has been delivering maritime cyber security capability to naval forces, including the European Union Naval Force and the British Royal Navy. This maritime experience combined with the provision of cyber security to businesses and high net worth individuals, creates a "sweet spot" for securing superyachts. 

Providing cyber security to the superyacht industry has resulted in the rapid adoption of some interesting working practises and communication protocols, not to mention operational priorities when compared to cyber security in the wider maritime industry and beyond.

Our team of cyber security specialists have had to rapidly develop the skills necessary to secure superyachts the hard way and have had to take full advantage of our agility and experience in securing every other industry from spacecraft to maritime and from renewable energy plants to banks. 

Many of our cyber security services and technologies have been tweaked and adjusted to satisfy the needs of the superyacht industry, our superyacht experience coupled with our foundation in cyber security has proved invaluable in securiing some of the largest superyachts in the world.

Superyachts bring with them the usual threat of remote attack experienced by any other Internet connected vessel. However, they also have some other interesting soft spots which must be secured, not least of which are the high net worth clients and owners who they carry on board.

We provide superyacht owners, management companies, IT managed service providers and crew with a variety of services, some are bespoke to superyachts and others have been adapted from our land based services. Don't forget to download our superyacht brochure which also includes some of our bespoke services.

Compare Superyacht Cyber Packages

The International Maritime Organization (IMO) Cyber Security Guidelines have adopted the cyber security industry approach of dividing cyber security into 5 Elements: More Info These 5 Elements are met within each of the CND Superyacht Cyber Security Packages. As each level increases, so does the level of security provided.

| Identify | Protect | Detect | Respond | Recover | 

Bronze Cyber Package

IMO 5 Elements of Cyber Risk Management

  • The initial scoping call will enable us to identify key personnel and the cyber security assets which when disrupted, pose risks to ship operations.

  • The existing firewalls, antivirus and other cyber security protection devices and applications will be checked to ensure they are configured correctly.

    Where the existing tools are found to be missing, unsupported or inadequate, CND will recommend replacements for the MSP to provide, or where there is no MSP, CND can provide them.

  • CND will install cutting edge traffic monitoring technology which will detect malicious network traffic at the boundary and where appropriate to do so, block the threats.

    CND will also scan your external Internet addresses (if static) to detect any vulnerabilities which might be exploied by an attacker.

  • CND will work with the crew to develop robust procedures and communication paths to provide effective responses to a cyber security incident. 

  • CND will work with the crew to identify critical assets and ensure they are being backed up correctly and that should an incident occur they can be restored quickly

Silver Cyber Package

IMO 5 Elements of Cyber Risk Management

  • A Cyber Risk Assessment (aka Cyber Security Assessment (IET)) will be undertaken this is a one day workshop which consider 100's of cyber security controls.

    Using the virtual scanner which is embodied within our onboard sensor, the internal networks of the ship are scanned in order to discover all network assets onboard the ship. The software will also attempt to identify the type of device being scanned.

    Inventory information is also collected from Windows Active Directory, and VMware vCenter and vSphere (if used)

    A Vulnerability scan will be conducted from our sensor to identify vulnerabilities, this will enable our SOC to prioritise incidents.

  • Within the Silver Package the focus is on protecting the boundary, our security architects will discuss the network design and make recommendations where relevant. Next Generation firewalls will be managed and monitored by CND security engineers and analysts.

  • Our onboard sensor will take network and security events from multiple sources, then correlate them and apply cutting edge intelligence to the information. This is then fed to our Security Operations Centres located in the Isle of Man and the United Kingdom.

    Depending on the network design, our sensor may also take network feeds into several intrusion detection systems, to supplement the firewall feeds.

  • Cnd will work with the crew to produce an Incident Response Plan

  • CND will work with the crew to identify critical assets and ensure they are being backed up correctly and that should an incident occur they can be restored quickly

Gold Cyber Package

IMO 5 Elements of Cyber Risk Management

  • The sensor asset discovery engine will be scheduled to run daily and be supplemented with manual scans from a separate product to improve the accuracy of the information.

    The standard vulnerability scan will be enhanced using a market leading virtual vulnerability scanner, the vulnerability information will be reported to the crew and/or MSP for rectification.

  • The boundary protection will be extended into the heart of the network, with security audits and recommendations for the GPO. Antivirus will be managed by CND as an MSSP.

    Managed Phishing Assessment Service. Crew will receive irregular safe phishing emails to educate them and keep them on their guard.

    Endpoints such as servers, desktops and laptops will be protected using our Managed Endpoint Security Service, which combines a number of technologies to protect the devices.

  • Open Source Intelligence Monitoring.  The Internet will be constantly searched for mention of the ship and breaches of sensitive information, such as identification of guests or crew policy violations.

    The ship domain will be monitored for new similar domain registrations which could be used for phishing.

  • CND will host table top exercises to test your incident response plan.

    CND will provide you with cyber security policy templates, such as Acceptable Use Policy and Crew Social Media Policy.

    CND will help you produce a Ship Cyber Security Plan to conform to the IET Cyber Security for Ships Code of Practice

  • CND will extend the Incident Response Policy to ensure it includes recovery and the identification of key personnel required.

Our "Boat International" Article On Cyber
Download our Superyacht Brochure
UK Department for Transport Code of Practice 'Cyber Security for Ships'

Superyacht Services

Cyber Attack Triage or First Response

If you think you may have been hacked or have had a cyber security incident, please reach out for honest salient advice about if there is a problem and how serious the problem might be. More Info....

Cyber Profile Assessment

A our GCHQ trained intelligence analyst will perform a remote health check of the online presence for your superyacht, it's owner (if you wish) and the crew, in order to ascertain any adverse publicity, itinerary leaks, or information which could be used for a cyber attack. More Info...
 

Managed Detection and Response

Our superyacht monitoring service gathers security logs from your onboard systems and computers, sending any events securely to our Security Operations Centre on the Isle of Man.
 
Our onboard virtual device will also scan your onboard systems looking for vulnerabilities and includes several network intrusion detection systems which spot suspicious activity, protecting you and your guests.   More Info...

Phishing Assessment

Phishing is the preferred way for an attacker to penetrate your superyacht. Instead of them breaking in through the boundary, if a member of crew, or even a guest, falls for a phishing email, they effectively open the door to the attacker and invite them in.
 
With our Phishing Assessment service, we send your crew irregular realistic phishing emails and instead of being malicious, victims will be educated on what they could have done to identify it. More Info...

Vulnerability Assessment

For that piece of mind about how vulnerable you are to a remote attack, we will scan your superyacht remotely from the perspective of a hacker and look for vulnerabilities. 

For that added confidence we can schedule these scans to run every week, we can even install agents to check your computers and laptops on a near real time basis, even if they have gone ashore. 

More Info...

virtual Chief Information Security Officer

Employing a full time cyber security subject matter expert is not an option for many organisations. Enter the virtual CISO.

Your very own cyber security subject matter expert, available for as much time as you need under our MSSP service, gets to know you and your superyacht and works with you as and when you need them. More Info...

Cyber Risk Assessment

During this one day workshop our team will work with your crew, IT Providers and any other stake holders, such as the Management Company and/or owner to identify all of the cybersecurity risks your superyacht faces.

We will discuss the risks and suggest priorities, forever keeping in mind that you have a budget and a business to run. The output is a report on the capability gap of where you are now and the agreed destination.   More Info...

Penetration Testing

Taking a vulnerability assessment to the next level, where we us the actual tools and techniques employed by hackers to break into your networks, actually exploiting the vulnerabilities which have been discovered.
 
Rest assured that you define the scope of what we can and cannot do. More Info...
 

Incident Response

When you have a cyber security incident, you don't need to feel that you are set adrift and alone.  Our team can start working with you immediately to identify the problem, contain it and help to fix it. Much of the work can be undertaken remotely, though if you would prefer us onboard, our subject matter experts are at the ready. More Info...

Boundary Protection

The boundary between your superyacht and the Internet must be secure as it's your first line of defence against a cyber attack. CND not only provides market leading firewalls, but can also provide a number of other technologies which add further protection for data which is allowed through the firewall. 

More Info...

Security Architecture

Our experts will review how the various networks onboard are configured, map data flows around which systems should be communicating with other systems and then bring cyber security into the equation. Ensuring that any cyber security risks are mitigated.

This service isn't just for a refit and huge gains can be made with your existing equipment at any time in the season More Info...

Find Out More

Schedule a Call
© Computer Network Defence Limited 2021
For The Latest Updates Please Subscribe to Our Feed

 |  Subscribe in a reader  

Or Follow Us on LinkedIn