Infosec Partners, the global 250 MSSP, has completed the world’s first Maritime Cyber-security baseline certification on one of Seapeak’s Bahamian registered, liquid natural gas (LNG) tankers.
Seapeak (formerly Teekay LNG Partners) are a global leader in international maritime transportation of LNG and LPG.
The cyber baseline scheme is supported by the Royal Institution of Naval Architects (RINA) who are working closely with Infosec Partners to raise security standards across the whole of the maritime industry to the same level as other major onshore industries with the aim of protecting onboard and ship-to-shore IT/OT systems from the latest opportunistic and geo-political cyber threats.
Commissioned in 2018 the 172,000 m³ vessel, one of a fleet of 74 LNG/LPG tankers operated by Seapeak, is fitted with the latest digital technologies to enable high-speed Internet and satellite based communications as well as vital operational monitoring and control systems such as navigation, fuel, engine and cargo management that are crucial to the smooth and safe operation of the vessel at sea.
All these networked systems present an extended attack surface for hackers and need to be protected from the same sort of threats that can disrupt normal land-based networks but potentially with more serious, life-threatening consequences if a breach occurs.
The Maritime Cyber-security baseline certification scheme has been designed to enable ship owners and operators to demonstrate that their cyber security plans meet the International Maritime Organisation’s (IMO) Cyber Risk regulations.
Introduced in 2021 the IMO regulations mean that all sea-going vessels must now be able to prove their compliance to allow unfettered access to ports and on-shore facilities.
To carry out the rigorous certification process Infosec Partners’ assessors undertook extensive remote audits and testing of the vessel’s IT and OT environments, ensuring that all cyber security systems and controls put in place can detect, block and respond to known cyber related threats to prevent a successful breach from occurring.
Mark Oakton, Security Consultant and lead assessor at Infosec Partners comments “Maritime and shipping businesses are embracing automation with the adoption of cutting-edge operational technology.
The maritime threat landscape has changed significantly, and the potential for security compromises has been vastly extended.
The Maritime Baseline scheme provides an affordable and practical way for vessel owners and operators to achieve IMO compliance, demonstrating a risk based approach to cyber security.
As an approved Cyber Essentials Plus assessor and with a proven track record in delivering cyber security solutions to the maritime industry, it was an easy step for us to apply the same skills and procedures to the baseline certification process resulting in the Seapeak’s LNG tanker becoming the first vessel in the world to achieve the high standard required for accreditation.”
The achievement has been recognised with the certificate being presented to Seapeak’s Senior Cyber Security Specialist, Craig Smith by Chris Boyd, CEO of the Royal Institution of Naval Architects at a special ceremony held at RINA’s London head office.
Commenting on the landmark achievement Chris Boyd said: “RINA has a deep desire to help the maritime industry improve cyber security across the constantly changing maritime landscape.
“We fully support the Maritime Cyber Baseline Scheme and congratulate Seapeak on being the first to receive this award. It’s an important step forward in demonstrating IMO compliance and in improving the cyber security posture of their fleet.
“Cyber security for the maritime industry must be taken very seriously, and it’s critical that we as an Institution champion such initiatives that help our community stay up to speed with all the challenges facing the maritime industry.”
Replying on behalf of Seapeak, Craig added: “At Seapeak we take our commitment to cyber security extremely seriously.
“As a global leader in transportation of liquefied gas we understand the need to be compliant with legislation put in place to ensure operations are safe, secure and face minimal disruption at port and at sea.
“Our stance on cyber security is no different and we feel it is imperative that we should do everything within our powers to safeguard our maritime operations, team and clients from the increasing threats posed to our industry.”
In the picture L to R: Chris Boyd, RINA, Craig Smith Seapeak, Mark Oakton Infosec Partners