Ships are increasingly using systems that rely on digitalization, integration and automation, which calls for cyber risk management onboard. As technology continues to develop, information technology (IT) and operational technology (OT) onboard ships are being networked together and more frequently connected to the internet.
Approaches to cyber security will be company – and ship – specific, but should be guided by appropriate standards and the requirements of relevant national regulations. CaptainAR procedures provide a risk-based approach to identifying and responding to cyber threats. An important aspect is that relevant personnel should have training in identifying the typical modus operandi of cyber attacks.
Understanding the uniqueness of the challenge and the seriousness of the risk, we at CaptainAR found only one solution which was able to fully meet the needs of securing maritime environments in front of cyber risks.
CaptainAR Tech is the first multilayered cybersecurity solution
Comprised of ex-Naval Officer and Cyber Security experts, CaptainAR Tech is the first multilayered cybersecurity solution for critical onboard systems. Offering remote secure access, OTA updates, and anomaly analysis, this application acts as an onboard IT team. It is the first of its kind to offer a hands-off solution. Addresses both internal and external threats, invaders can never reach the navigational or operational systems.
We seek to deliver the right blend of innovation and engineering to harness the potential of emerging technologies and the best marine practices to meet our clients’ needs
Cyber risk management should:
- Identify the roles and responsabilities of users, key personnel, and management both ashore and onboard.
- Identify the systems, assets, data and capabilities witch if disrupted could pose risk to the ship´s operations and safety.
- Implement technical measures to protect against a cyber incident and ensure continuity of operations. This may incluide configurations of networks, access control to networks and systems, communications and boundary defence and the use of protection and detection software.
- Implement activities and plans (procedural protection measures) to provide resilience against cyber incident. This may include training and awareness, software maintenence, remote and local access, access privileges, uses of removable media and equipment disposal.
- Implement activities to prepare for and respond to cyber incident.