FAQ

Frequently Asked Questions

You have questions! We will try to answer some of them here!

What is the Maritime Cyber Guild?

The Maritime Cyber Guild is an organization dedicated to addressing cybersecurity risks in the maritime industry. It focuses on enhancing the safety, security, and operational resilience of maritime technology assets.

What is the cost of membership?

It's FREE! We understand that everyone has different financial headroom, and we believe that money should not be an obstacle in sharing knowledge. Everyone contributes to the best of their abilities. The generosity of our members and their organizations have so far enabled us to host meetings at zero cost to the attendees. For any activities which have an external cost, these would be shared equally between attendees.

Why is cybersecurity important in the maritime industry?

Cybersecurity is crucial in the maritime industry to protect against potential threats that could lead to operational, safety, or security failures. With the increasing reliance on technology, ensuring the integrity of information and systems is paramount¹.

What is Maritime Cyber Risk Management?

Maritime Cyber Risk Management involves identifying and mitigating risks associated with the use of technology in maritime operations. It is guided by national, international, and flag state regulations and aims to integrate cybersecurity into the Safety Management System (SMS)².

How can maritime facilities assess their cybersecurity posture?

Maritime facilities can assess their cybersecurity posture by conducting a Cybersecurity Assessment. This process helps in identifying vulnerabilities and creating a cyber annex to the Facility Security Plan³.

Where can I find guidelines on cyber security onboard ships?

Guidelines on cyber security onboard ships can be found in the document titled “The Guidelines on Cyber Security Onboard Ships,” which provides approaches to cyber risk management tailored to company and ship specifics².

What are the recent updates on maritime cybersecurity regulations?

The International Maritime Organization (IMO) adopted resolution MSC.428(98) in 2017, which mandates the inclusion of Maritime Cyber Risk Management in the Safety Management System (SMS). For the latest updates, refer to the official IMO website¹.

How has the Coast Guard updated its cyber policies for the maritime industry?

In August 2021, the Coast Guard released an updated version of its Cyber Strategic Outlook, which emphasizes the responsibility of shoreside commanders to prevent and respond to cyber incidents within the Marine Transportation System (MTS). This includes applying existing frameworks for prevention and response activities to mitigate cyber risks¹.

What are the challenges in preventing cyber breaches in the Maritime Transportation System?

Cyber breaches in the Maritime Transportation System can be caused by stovepiped software designs, which create vulnerabilities. Addressing these challenges requires a comprehensive approach to software design and cybersecurity practices².

What are the IMO 2021 Cyber Guidelines?

The IMO 2021 Cyber Guidelines provide a set of measures for protecting vessels and seaports from cyber threats. These guidelines are particularly important for owners and operators of commercial vessels involved in international trade³.

How can maritime organizations stay updated with cybersecurity regulations?

Maritime organizations should regularly consult the official websites of the International Maritime Organization (IMO) and other relevant authorities for the latest updates on cybersecurity regulations and best practices.

FAQs on IACS E26 and E27

What is IACS UR E26?

IACS UR E26 is a Unified Requirement that aims to ensure the cyber resilience of ships. It covers the secure integration of Operational Technology (OT) and Information Technology (IT) equipment into the vessel’s network during design, construction, commissioning, and operational life. The requirement addresses five key aspects: Identify, Protect, Detect, Respond, and Recover¹.

What is the purpose of IACS UR E26?

The purpose of IACS UR E26 is to provide a minimum set of requirements for cyber resilience of ships, which includes safeguarding ships from current and emerging threats by establishing common functional and performance criteria¹.

What is IACS UR E27?

IACS UR E27 provides requirements for the cyber resilience of onboard systems and equipment. It ensures system integrity is secured and hardened by third-party equipment suppliers, covering product design and development requirements for new devices before their implementation onboard ships².

How do IACS UR E26 and E27 relate to each other?

While IACS UR E26 targets the ship as a collective entity for cyber resilience, IACS UR E27 focuses on the cyber resilience of individual onboard systems and equipment. Both are complementary and aim to enhance the overall cyber resilience of maritime operations².

When will IACS UR E26 and E27 be implemented?

The revised versions of IACS UR E26 and E27 will be applied to new ships contracted for construction on and after 1 July 2024. The original versions have been withdrawn to avoid confusion and to incorporate industry feedback for clarity in applicability³.

Where can I find more information on IACS UR E26 and E27?

More information on IACS UR E26 and E27 can be found on the IACS website. The revised versions of UR E27 and E26 are available there.

Is this content generated by AI?

YES! We are not website-designers, so LLMs as well as image generators have been used in the creation of this website! While the website is made by a robot, rest assured that real-live people are behind the organization! 🙂�