Cyber Security Service Offerings
As a client you can engage CND to supply individual services, they are entirely modular and can be bespoked to your exact needs. Many clients prefer to opt for a packaged solution, these packages have been developed to suit numerous scenarios, sizes of vessel, risk apetites and budgets.
If you have an IT Managed Service Provider (MSP), our work is complementary to theirs, we will work closely with them forming a symbiotic relationship. Our passion is for cyber security not system administration.
Some of the services from our Security Operations Centres on the Isle of Man and the UK includes:
- Cyber Risk Assessment - This is an interactive workshop during which, in just over half a day, our experts will discuss 100s of cyber security controls and recommend priority actions to you.
- Operational Technology - Ensuring that the yacht operational technologies aren't interfered with by a cyber threat.
- Policy Enforcement - Ensuring that the crew adhere to their Acceptable Use policies which will need to vary between when they are working and for the rare events when they are relaxing (welfare).
- Confidentiality - Ensuring that guests are afforded a level of cyber protection should they require it, whilst maintaining complete confidentiality for their online activities.
- Open-Source Intelligence (OSInt) Monitoring – Our OSInt Team will run constant searches across the Internet looking for references to the yacht which could be confidentiality breaches, such as internal yacht images, close-up drone footage, yacht ownership, guest identification, etc.
- Internal Vulnerability assessment - Larger yachts will have 1,000s of network devices onboard, our tools will discover, identify and report on these assets and their vulnerabilities.
- External Vulnerability assessment - The yacht's network visibility will be regularly checked from the Internet using the same tools and techniques as a hacker, any discovered vulnerabilities will be reported, with recommendations about what could be done to mitigate them.
- Penetration Testing - Our team of specialists will attempt to penetrate the yacht from the Internet using the same tools and techniques as hackers
- Firewall installation, management and monitoring - Next Generation Firewalls can be installed, managed and monitored with the latest Intrusion Prevention Systems and Advanced Malware Protection, affording an exceptional level of defence against cyber threats.
- Our Managed Phishing Assessment service, which will send bespoke emails to the crew to gauge whether a phishing attack would be successful; this service includes training when required.
- Bespoke operational cyber security training – This is available for crew and covers the standard Internet threats and includes training for working in high-risk environments and with VIPs.
- Creation of a bespoke Ship Cyber Security Plan.
Our Superyacht Experience
Since 2004, CND has been delivering maritime cyber security capability to naval forces, including the European Union Naval Force and the British Royal Navy. This maritime experience combined with the provision of cyber security to businesses and high net worth individuals, creates a "sweet spot" for securing superyachts.
Providing cyber security to the superyacht industry has resulted in the rapid adoption of some interesting working practises and communication protocols, not to mention operational priorities when compared to cyber security in the wider maritime industry and beyond.
Our team of cyber security specialists have had to rapidly develop the skills necessary to secure superyachts the hard way and have had to take full advantage of our agility and experience in securing every other industry from spacecraft to maritime and from renewable energy plants to banks.
Many of our cyber security services and technologies have been tweaked and adjusted to satisfy the needs of the superyacht industry, our superyacht experience coupled with our foundation in cyber security has proved invaluable in securiing some of the largest superyachts in the world.
Superyachts bring with them the usual threat of remote attack experienced by any other Internet connected vessel. However, they also have some other interesting soft spots which must be secured, not least of which are the high net worth clients and owners who they carry on board.
We provide superyacht owners, management companies, IT managed service providers and crew with a variety of services, some are bespoke to superyachts and others have been adapted from our land based services. Don't forget to download our superyacht brochure which also includes some of our bespoke services.
