Evionica’s Post

💥 What's the impact of IACS UR E26 and E27 on ongoing #ship operations? Continuous compliance requires ship ⚓ owners to maintain #realtime #monitoring and #intrusiondetection for #classcertification. In this Chapter 5 we discuss what that means and how to approach the ongoing cyber protection requirements. ✅ Got questions or comments about cyber compliance? Our team is ready to help! Drop us a line below. ✅ Subscribe to our page to see the previous episodes and be notified on our next episode where we wrap up the series with 3 things you need to consider for your new build #maritimeindustry #shipowners #IACSUnifiedRequirements #regulations #maritimecybersecurity #e26e27 RINA ClassNK - Nippon Kaiji Kyokai Lloyd's Register Bureau Veritas Group American Bureau of Shipping (ABS) DNV  Polski Rejestr Statków S.A. (PRS) China Classification Society Croatian Register of Shipping KR Indian Register of Shipping

Chapter 5 of our IACS regulatory requirement!

Your information is secure with us! FL Technics has obtained ISO/IEC 27001:2017 Certification! With the digitization and use of technology in aviation, information security has become critical. While being ISO/IEC 27001-certified is still a desire rather than a requirement for most businesses, we believe that it should be mandatory for all companies that handle customer or partner data. For that reason, we have taken significant steps forward and implemented an Information Security Management System, which underwent thorough auditing and was successfully certified by an independent and accredited certification body. It's important to note that ISO/IEC 27001 specifically focuses on safeguarding clients' and customers' data, ensuring that the data hosted and operated by FL Technics is highly secured from cyber threats and other operational risks. We are proud of this achievement and believe that it demonstrates our dedication to maintaining the highest standards of data security, thereby solidifying our position as a trusted partner in the aviation industry. FL Technics acknowledges that ISO/IEC 27001 is a journey, so information security will continue to be a top priority for us. This commitment will be demonstrated through our ongoing improvements and adherence to the highest security standards, as evidenced by periodic surveillance and recertification audits conducted by internationally recognized certification bodies. #ISO27001 #iso27001certification #informationsecurity #customerdataprotection

𝑶𝒖𝒓 𝑻𝑰𝑺𝑨𝑿 𝑻𝒆𝒔𝒕 𝑹𝒆𝒔𝒖𝒍𝒕 𝒊𝒔 𝒂𝒗𝒂𝒊𝒍𝒂𝒃𝒍𝒆! 😉 🔏 🎯 For us, this is an important milestone in our ongoing commitment to data protection and information security. We will continue to invest in our security measures to ensure that we always meet the highest standards.   ✅ The ENX Association supports the common acceptance of information security in the automotive industry with TISAX (Trusted Information Security Assessment Exchange) on behalf of the VDA (German Association of the Automotive Industry). TISAX is a recognized standard for information security in the automotive industry. Check our website for more information.   #tisax #security #datasecurity #informationsecurity #ISMS #automotive #panoffconsulting

How Industry Feedback is Shaping Maritime Cybersecurity Regulations The US Coast Guard (USCG) is charting a course towards more secure waters with proposed cybersecurity regulations for US-flagged vessels. Industry feedback is playing a crucial role in shaping these regulations, with comments highlighting concerns about burden, practicality, and alignment with existing measures. The USCG recognizes the increasing reliance on cyber-connected systems in the maritime industry. While they enhance operational efficiency, they also expose vulnerabilities. The Colonial Pipeline hack in Spring 2021 serves as a stark reminder of the potential consequences of cyberattacks. What are the industry's main concerns? - Burden on Smaller Companies: Smaller companies, like those in tug and barge operations, lack large IT departments and rely on external consultants. They request risk-based plans tailored to their specific needs. - Alternative Security Plans: Industry groups like the American Waterways Operators (AWO) propose incorporating cybersecurity into existing security plans to avoid duplication. - Streamlined Reporting: Concerns exist about excessive reporting requirements. Industry suggests establishing thresholds for reportable incidents and streamlining reporting through the National Response Center. - Cybersecurity Officers: The proposed regulations mandate cybersecurity officers on every vessel. Industry argues this may not be practical and suggests alternative approaches. - Drill Frequency: The proposed frequency of cybersecurity drills is seen as excessive by some. Major shipping lines like Maersk Line are calling for clear, standardized, and risk-based regulations that leverage existing best practices. They advocate for a balance between security and practicality. The USCG issued a Notice of Proposed Rulemaking (NPRM) regarding cyber security for US-flagged vessels in late February 2024. The comment period has now closed, and the USCG is currently reviewing industry comments. The final regulations are expected to be a well-charted course, incorporating industry feedback to ensure effective and practical measures that safeguard the maritime industry from cyber threats. #Cybersecurity #USCG #ShippingIndustry #Shipping #MaritimeCybersecurity #MaritimeSafety

#CRA and #IEC62443 #Maritime #Cybersecurity #MaritimeCybersicherheit The exemption of ship equipment in the Cyber Resilience Act for products that fall under the "Marine Equipment Directive" has an important reason. Mandatory cybersecurity requirements have been in effect for newly commissioned ships since July 1, 2024. For ship equipment, there is a broad reference to #IEC62443. This is crucial because many manufacturers sell components, such as engines, in other industries as well and must comply with the Cyber Resilience Act requirements in the EU. The requirements of the IACS include the Unified Requirements UR E27, which detail the demands on manufacturers. Additionally, UR E26 addresses the cyber resilience during the system integration of components during shipbuilding. #TeligenciaLabs #Teligencia #IEC62443 #Marine #CYBERSECURITY

Cyber Security and Threat Realization for Ports Port operations play an equally critical role in the maritime industry. At ports, vessels load and unload cargo, fuel, and more. As such, ports can also be a potential cyber threat vector for vessels and broader shipping operations. Cybersecurity is considered one of the three top risks at Ports together with piracy and terrorism using submersible security and many ports are not yet fully prepared to counter such risks The threat is great and growing. In fact, relevant organizations such as the IMO have declared the urgent need to raise awareness on cyber-risk threats and vulnerabilities, to support safe and secure shipping, which is operationally resilient to cyber-risks’ encouraging ‘administrations to ensure that cyber-risks are appropriately addressed in safety management systems. EXAMPLE OF A TARGETED ATTACK: "A large-scale targeted attack has already taken place at one of Antwerp's port terminals in Belgium. A drug cartel took control of containers movement and retrieved the data needed to collect it before legit owner." Private 5G could assist in providing a better threat resilience as a secured infrastructure to give Ports their ease-of-mind. Shown in the deck below are some examples on how 5G can assist in handling said threats.

"👾 As the #aviation sector continues to digitalize and interconnect its systems, it becomes crucial to ensure that cybersecurity measures are in place to protect against cyber threats. ✈️ That's why organizations like #EUROCONTROL, #EATMCERT, and #EASA are calling for more robust cybersecurity measures for aviation. Part-IS adds cyber risk management through a certified information security management system, with European aviation organizations having to comply with national cybersecurity standards. 🛡 As a recognized leader in cybersecurity, #Thales provides protection solutions specifically designed for critical environments such as aviation. With over 3500 expert engineers and six operational centers worldwide, Thales offers comprehensive solutions that meet # IATA's Cyber Strategic Partner requirements and consider #aerospace operational and safety constraints. 👉 Find out how you can guard your aviation systems and build up protections tailored to the unique constraints of the aviation sector: http://thls.co/ruqi50PsCXo"