Secure your vessel against cyber threats and ensure compliance with IMO and IACS UR E26 standards through DNV’s Cyber Secure class notation. This certification showcases your vessel’s strong cyber defences.

SHARE:

The digitalization of the maritime industry is taking place at a rapid pace, radically enhancing the operational efficiency of ships and significantly enhancing their environmental performance. However, this digital shift also brings new risks, highlighting the importance of robust cybersecurity measures. Increased focus is driven by: 

• New technologies, including increased automation and digitalization 
• An increase in the frequency of cyber incidents, both for shipping and offshore 
• New regulations and laws such as the IACS URs 
• Inclusion of cyber security in charterers’ vetting evaluations 

Our Cyber secure class notation

Since 2018, DNV’s Cyber Secure class notation has been developed to enhance the cyber security of a vessel’s main functions and the owner’s operational needs. It applies to newbuilds across different segments and to vessels and offshore units in operation. The class notation establishes recognised requirements and security levels and is well aligned with IACS UR E26 and E27. 

The Cyber secure class notation comprises two main qualifiers: 

• Cyber Secure entry-level class notation addresses the most critical vulnerabilities in a vessel’s system. In addition, the notation requires that a cyber security management system is established to ensure secure ship operation and meet the IMO resolution MSC.428(98). This level is ideal for vessels in operation where only limited modifications to onboard systems are feasible. 
• Cyber secure (Essential) includes all the provisions of the entry-level notation above, but in addition examines the control systems in more detail to ensure security controls/capabilities at security profile 1 (profile of IEC 62443 security level 1). It is primarily intended for more complex ships in operation, and newbuildings whereby cyber security is implemented into existing procedures and systems, aiming to establish an adequate security level.  

The notations cover 10 important onboard essential functions, including propulsion, steering, navigation, power generation, watertight integrity, and others. 

Plus (+) notation: Customers can also avail of the (+) plus notation which gives them the flexibility to add and secure systems beyond the standard requirements, such as cargo, entertainment, IT, and drilling systems. 

Compliance requirements 

Newbuilds: DNV’s Cyber Secure (Essential) class notation enables vessel owners, designers and yards to achieve full compliance with IACS UR 26, which is obligatory for all newbuilds with contracts signed after 1 July 2024. 

Fleet in Service: While vessels already in operation will not be required to comply with the IACS UR’s, many vessel owners are still availing of the benefits of DNV’s Cyber secure class notation. This enables them to prove to the market that they are protected from cyber threats, providing assurance to customers and other stakeholders. The Cyber secure entry-level class notation ensures that basic cyber security levels are achieved and may be ideal for older vessels in operation. More complex vessels in operation are encouraged to avail of the Cyber Secure (Essential) notation.  

Verification process: All qualifiers rigorously verify the implementation of cybersecurity barriers on board, involving asset owners, operators, system integrators (like shipyards), and equipment manufacturers. The security levels are aligned with the international IEC technical standards, tailored specifically for the maritime industry. 

Evidence of compliance: For vessels not classed by DNV, verification of compliance with the Cyber Secure class notation can also be provided as a service. This helps demonstrate compliance to established cybersecurity standards across the industry. 

Plus Notation (+): The (+) plus notation gives owners the flexibility to add and secure systems beyond the standard requirements, such as cargo, entertainment, IT, and drilling systems. These additions are vital for operations and address specific operational threats that are not covered under the essential and important functions.

Verification Process: All qualifiers rigorously verify the implementation of cybersecurity barriers on board, involving asset owners, operators, system integrators (like shipyards), and equipment manufacturers. The security levels are aligned with the international IEC technical standards, tailored specifically for the maritime industry.

Evidence of Compliance: For vessels not classed by DNV, verification of compliance with the Cyber Secure class notation can also be provided as a service. This helps demonstrate compliance to established cybersecurity standards across the industry.

Your benefits

With DNV’s Cyber secure class notation, you can stay safe and compliant, and get ahead in the digital transformation of the maritime industry. Benefits include: 

• Less risk of cyber security threats and reduced downtime due to cyber attacks 
• Proof of cyber security resilience for your vessel and ensured compliance with the IMO cyber risk resolution as well as IACS unified requirement E26 
• Increased charter probability due to better vetting score from charterers and oil majors 
• Regular audits to verify continuous compliance and focus on upcoming cyber security threats 
• Increased cyber security awareness of both crew and shore personnel