Fleet Cyber Security Officer

Training for persons nominated to prepare, deploy and continuously manage an effective cyber risk management system.

Objectives

To train onshore staff to take over the responsibility for managing their fleet's cyber risks and enable them to best develop, integrate and implement cyber risk management onboard vessels of today.



Entrance requirements

Basic maritime knowledge including maritime cyber security knowledge.

Who should attend:

Onshore staff with responsibility for, or involved in, safeguarding vessels from cyber risks.

Duration: 12 hours


Since January 1st 2021 DOC audits have included cyber risk management on a global level. This course is designed to support the key responsible person from a ship manager or owner to prepare, deploy and continuously manage an effective cyber risk management system onboard.

This course addresses the IMO Resolution MSC.428 (98), MSC-FAL.1-Circ.3, as well as critical parts of IACS UR-E26 and UR-E27, and industry practices. It is aligned with the NIST Cybersecurity Framework tailored to the maritime industry. It supports the ship manager/owner in maintaining compliance with these rules and effectively minimizing cyber security risks over time.

Course participants will learn how to effectively implement a “defense-in-depth” approach to both onboard IT and OT cyber risk management. This process starts by gathering the right stakeholder involvement, defining onboard and shoreside cyber responsibilities, and developing necessary cyber management processes. For the implementation and rollout to the fleet, the participants will learn how to develop an inventory of critical IT and OT systems , assess the cyber risks by IT and OT system and identify relevant preventive and risk-mitigating measures (e.g. network segregation, OT system change management, remote access controls and obsolescence management). 

The course includes hands-on exercises for preparing a system inventory, network zones and conduits, deploying relevant cyber controls for the crew and managing yard/vendor cyber security in all life-cycle phases of a vessel. The courses concludes with  a final exam.

 This course was developed to further complement DNV Maritime's Cyber Security Services: Maritime Cyber Security


Focus Points:

  • Requirements of the Fleet Cyber Security Officer
  • Handling of cyber security rules and regulations  
  • Principles of effective cyber risk management for vessels
    • identify roles and responsibilities for cyber risk management, assess onboard risks and vulnerable assets to be secured 
    • protect assets through 3 key cyber barrier dimensions
    • detect vulnerabilities, threats and events in a timely manner 
    • respond and plan to increase resilience against incidents 
    • recover and restore assets in order to come back to normal operations
  • Continuous improvements, audits and maturity finalization 
  • Benefit from DNV experience with other customer projects