In today's increasingly digitalized maritime industry, ensuring cyber resilience and security compliance in marine applications is paramount. As vessels become more interconnected and reliant on digital technologies, safeguarding against cyber threats is no longer an option but a necessity.

In June 2020, Maersk, a Danish shipping and logistics giant, disclosed a financial setback ranging from $200-300 million as a consequence of a cyber attack. This disruption incapacitated critical systems, resulting in a halt in processing shipping orders until system restoration, causing a revenue freeze for several of the company's shipping container lines for weeks. In all, three out of Maersk's nine business units encountered disturbances arising from the attack.

Recognizing this imperative, DEIF, a leading provider of marine-approved products, is taking proactive steps to bolster its offerings with an added layer of cyber security, aligning with the stringent requirements of IACS UR E27 Compliance.

Why It's Increasingly Important to Strengthen Cyber Resilience within the Marine Industry

Marine vessels today are increasingly being connected to the Internet of Things (IoT) for several reasons:

1. Operational Efficiency: IoT devices can collect real-time data from various sensors and systems on board, such as engine performance, fuel consumption, weather conditions, and cargo status. Analyzing this data allows operators to optimize vessel performance, reduce fuel consumption, and improve operational efficiency.
2. Predictive Maintenance: By continuously monitoring the condition of onboard equipment and machinery through IoT sensors, operators can detect potential issues early and schedule maintenance proactively. This approach minimizes downtime and reduces the risk of costly equipment failures while maximizing the lifespan of critical components.
3. Safety and Security: IoT-enabled systems can enhance safety and security measures on marine vessels. For example, IoT sensors can monitor environmental conditions (such as temperature, humidity, and gas levels) to ensure safety standards and regulations compliance. IoT-based surveillance systems can also help detect and respond to security threats in real-time.
4. Environmental Compliance: With an increasing focus on environmental sustainability and regulatory requirements, IoT technology can assist marine vessels in monitoring emissions, fuel consumption, and other environmental parameters. This data can be used to ensure compliance with regulations and optimize environmental performance.
5. Remote Monitoring and Management: IoT connectivity allows remote monitoring and managing marine vessels from onshore locations. This capability enables operators to track vessel location, performance, and condition in real-time, improving situational awareness and enabling timely decision-making.
6. Integration with Shore-based Systems: IoT connectivity facilitates integration between marine vessels and shore-based systems, such as port authorities, logistics providers, and shipping companies. This integration streamlines communication, coordination, and data exchange, leading to more efficient and synchronized operations across the maritime ecosystem.

Integrating IoT technology into marine vessels offers numerous benefits, including improved operational efficiency, enhanced safety and security, better environmental compliance, and greater connectivity with shore-based systems. However, it's important to implement robust cybersecurity measures to safeguard IoT-enabled systems from cyber threats and ensure the resilience of maritime operations.

Differences Between Cybersecurity and Cyber Resilience

Cybersecurity and cyber resilience are related concepts but differ in their focus and scope:

1. Cybersecurity:
   • Cybersecurity primarily focuses on preventing, detecting, and responding to cyber threats and attacks. It encompasses firewalls, antivirus software, encryption, access controls, and intrusion detection systems.
   • The goal of cybersecurity is to protect systems, networks, and data from unauthorized access, disruption, or damage by cybercriminals, hackers, or malicious actors.
   • Cybersecurity measures aim to establish a strong defense posture to prevent cyber incidents from occurring or mitigate their impact if they do occur.
   • Cybersecurity often involves implementing preventive measures and controls to safeguard against known threats and vulnerabilities.
2. Cyber Resilience:
   • Cyber resilience goes beyond cybersecurity and effectively encompasses a broader approach to managing and recovering from cyber incidents.
   • Cyber resilience focuses on the ability of an organization or system to withstand, adapt to, and recover from cyber threats and incidents while maintaining essential functions and services.
   • Unlike cybersecurity, which primarily focuses on prevention, cyber resilience emphasizes readiness, response, and recovery capabilities.
   • Cyber resilience involves preventing and preparing for cyber incidents, responding promptly and effectively when they occur, and restoring operations to normalcy.
   • Cyber resilience acknowledges that cyber incidents are inevitable and seeks to minimize their impact on business operations and continuity.

In summary, cybersecurity primarily focuses on preventing and mitigating cyber threats through preventive measures and controls, while cyber resilience takes a broader perspective, emphasizing readiness, response, and recovery capabilities to manage and recover from cyber incidents effectively. Cybersecurity fundamentals can be implemented at an IT level through security measures like firewalls, encryption, and network security. However, in this context of cyber resilience in DEIF marine IoT applications, Operational Technology devices can adhere to compliances that define cyber resilience and complement cybersecurity by ensuring that organizations can continue to operate and deliver essential services even in the face of cyber disruptions.

What is IACS UR E26 and E27 Compliance?

In April 2022, the International Association of Classification Societies (IACS) released two fresh URs (Unified Requirements) regarding cybersecurity: UR E26 and UR E27. These requirements outline criteria aimed at enhancing the capacity to decrease the likelihood and alleviate the impact of cyber incidents resulting from cyber-attacks, commonly termed "cyber resilience."

These requirements, "Cyber Resilience of Ships" (UR E26) and "Cyber Resilience of On-Board Systems and Equipment" (UR E27), are aimed at enhancing the cyber resilience of ships and their onboard systems and equipment in the maritime industry.

Here's a summary of the key points:

1. Publication and Scope: IACS published UR E26 and UR E27 to address the increasing digitalization and interconnectedness in the maritime industry. These requirements apply to new ships and were set to take effect from January 1, 2024.
2. Standardization and Feedback: With growing experience in cyber security oversight in the maritime sector, there was a need for a standardized approach to survey requirements and enhancements based on industry feedback.
3. Applicability and Compliance: To address challenges in implementing these requirements in smaller and non-conventional vessels, the scope of applicability has been categorized as mandatory and non-mandatory compliance, depending on vessel types and sizes.
4. Revised Versions: Extensive changes have been made to UR E26 and UR E27 based on industry feedback and standardization needs. These revised versions supersede the originals and will be applied to new ships contracted for construction on and after July 1, 2024.
5. Withdrawal of Original Versions: To avoid confusion, the original versions of UR E26 and UR E27, along with their previous application date of January 1, 2024, have been withdrawn.
6. IACS Decision: Given that the original requirements had not yet entered into force, IACS has decided to apply only the revised requirements from July 1, 2024. This decision aims to provide clarity to the industry regarding the implementation timeline.

Overall, these requirements underscore the importance of cyber resilience in the maritime industry and aim to ensure that ships and their onboard systems are adequately protected against cyber threats, thereby safeguarding operations, safety, and data integrity.

DEIF's Cyber Resilience Compliance in Marine Applications

DEIF's commitment to cyber resilience and security compliance is evident in its comprehensive range of marine-approved products. From power management systems to engine control solutions, each product undergoes rigorous testing and certification to meet the highest standards of reliability and performance. Integrating IACS UR E27 Compliance, DEIF products offer enhanced protection against cyber threats, ensuring maritime operations' safety, efficiency, and integrity.

Let's take a closer look at some of DEIF's marine-approved products and their compliance status with IACS UR E27:

1. iE 350 Marine: This innovative power management system from DEIF is designed to optimize energy efficiency and ensure reliable operation in marine applications. With IACS UR E27 Compliance, the iE 350 Marine provides an additional layer of cyber security, safeguarding critical systems and assets against cyber threats.
2. iE 250 Marine: Similar to its counterpart, the iE 250 Marine offers advanced power management capabilities tailored to the unique requirements of marine environments. By incorporating IACS UR E27 Compliance, DEIF reinforces its commitment to cyber resilience and security, instilling customer confidence worldwide.
3. MVR 250 Series: While currently in development, the MVR 250 Series represents the future of DEIF's marine-approved products. With a focus on cyber security compliance, DEIF aims to deliver cutting-edge solutions that meet the evolving needs of the maritime industry.
4. UNILINE Mk II: As per requirement, DEIF is committed to enhancing the cyber resilience of its UNILINE Mk II product line. By prioritizing cyber security, DEIF ensures its solutions remain at the forefront of technological innovation while mitigating potential cyber risks.
5. AGC 150 Marine: Similar to the UNILINE Mk II, the AGC 150 Marine is poised to incorporate cyber security compliance in the near future. DEIF recognizes the importance of staying ahead of emerging cyber threats and is dedicated to equipping its products with the necessary safeguards.
6. XDI (M, N & D), MTR-4, MTR-4P, MIC-2 Mk II: These upcoming products from DEIF underscore the company's proactive approach to cyber security. Integrating IACS UR E27 Compliance ensures that DEIF's product portfolio meets the highest cyber resilience and security standards.

While some products are still developing or awaiting compliance certification, DEIF remains committed to delivering state-of-the-art solutions prioritizing cyber resilience and security. With a focus on innovation, reliability, and customer satisfaction, DEIF continues solidifying its position as a trusted partner in the maritime industry.

In conclusion, DEIF's efforts to demonstrate cyber resilience and security compliance in its marine applications reflect its unwavering dedication to excellence. By embracing IACS UR E27 Compliance and incorporating cyber security measures into its product portfolio, DEIF empowers customers to navigate the digital landscape confidently, ensuring the safety and reliability of marine operations for years to come.

Contact Us to Learn More About DEIF Products That Support Cyber Resilience Within The Marine Industry!