Free cookie consent management tool by TermsFeed

MicroSec Launches World’s First Cybersecurity Assessor for IACS UR E26 and Maritime

June 5, 2024

MicroSec, a global leader in Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity, proudly announces the unveiling of MicroIDS Cyber Assessor for Maritime, the world's first automated cybersecurity platform tailored specifically for IACS UR E26 assessments.

Scheduled to come into effect on July 1st, 2024, IACS UR E26, known as the “Cyber Resilience of Ships”, mandates a minimum level of maritime cybersecurity for ships, or "Security-by-Design", for all new-build vessels. Going beyond shipboard security, this regulation emphasizes the imperative for secured integration between Operational Technology (OT) and Information Technology (IT) systems onboard ships to bolster cyber resilience into a vessel’s network throughout its design, construction, commissioning, and operational phases.

This Unified Requirement focuses on the ship as a whole to achieve cyber resilience, and adopts familiar frameworks such as NIST to address five key areas: equipment identification, protection, attack detection, response, and recovery. More specifically, E26’s requirements relating to network and device security, include the following:

  • Risk Assessment. Identify potential threats and vulnerabilities in the system and planned mitigation of these risks.
  • Access Controls. Assign and configure appropriate access controls enforcing restricted user roles and permissions to access critical functions, systems and devices.
  • Data Integrity. Prevention of data manipulation and protection of sensitive data in transit and at rest.
  • Threat detection and prevention. Intrusion detection, firewall management and segmentation of critical systems from less-critical systems.
  • Secured Software Updates. Follow a controlled patch management process and regulate updates to all software and firmware.
  • Incident response. In the event of a cyber attack, to be able to quickly detect, respond and recover from cyber incidents, as well as to maintain a log of activities, monitoring for suspicious behavior.

There are other requirements not relating to cybersecurity directly, but are part of the standard that ship operators, ship owners, and shipbuilders should also be aware of: physical access control, training and awareness, and regular audits.

MicroSec’s Cyber Assessor for Maritime enables ship operators and shipbuilders to take a non-invasive approach with no integration required to easily comply with UR E26 by automating the risk assessment to minimize manual inputs and human errors, intelligent asset mapping to uncover known and unknown systems and devices with zone mapping, and instant threat and vulnerability detection, isolation and response.

In the end, ship operators and owners will receive a compliance score against E26, which establishes a baseline. All identified areas of non-compliance, as well as cyber risks, threats, and vulnerabilities are tracked via compliance dashboards. Management receives a detailed report that includes their compliance score, risks, and recommendations to achieve compliance. Again, this is completely automated, which means the entire assessment, compliance score, and reporting can be completed in hours, instead of days or weeks compared to traditional assessments. It is also designed to assess not just individual vessels, but also fleets, which can translate into massive savings for ship operators and owners.

Commenting on this groundbreaking innovation, Dr. Vishram Mishra, CEO of MicroSec, stated, "The introduction of MicroIDS Cyber Assessor for Maritime marks a pivotal moment in ensuring the safety and security of vessels navigating our seas. By combining our innovations in edge cybersecurity with regulatory compliance, we are empowering ship operators to proactively mitigate cyber risks, ultimately enhancing maritime safety worldwide."

MicroSec's Cyber Assessor for Maritime represents a significant advancement in maritime cybersecurity, leveraging the company's deep expertise in asset detection, threat management, and machine learning. By integrating seamlessly with the E26 framework, the Cyber Assessor bridges the gap between in-vessel network visibility and regulatory compliance, ensuring vessels meet stringent cybersecurity standards while safeguarding against evolving threats.

For more information about MicroSec or its innovative cybersecurity solutions, please visit www.usec.io or contact their media relations team at info@usec.io.