Maritime Cyber Baseline

Certifying Vessels Cyber Security Cobtrols

The Maritime Cyber Baseline scheme provides an affordable and practical way for vessel owners, operators, managers, and builders to improve the cyber security systems onboard their vessels and helps reduce the possibility of a cyber-attack occurring.

Maritime Cyber Baseline covers all vessel classifications and supports a path towards compliance within the IMO Maritime Cyber Risk Management guidelines.

The Maritime Cyber Baseline scheme is supported by the Royal Institution of Naval Architects

The Royal Institution of Naval Architects are delighted to be supporting IASME’s new maritime cyber security scheme… We encourage all those involved in the sector to look at IASME Maritime Cyber Baseline as a practical way to reduce the disruptive impact of cyber-attacks.”

Chris Boyd, Chief Executive of The Royal Institution of Naval Architects

MARITIME CYBER BASELINE CERTIFICATION

  • Reassures your supply chain partners, passengers, flag and port authorities that a vessel has the suitable cyber security controls and processes in place.

  • Demonstrates your commitment to best-practice security for sea faring vessels as you take steps to align with the IMO Maritime Cyber Risk Management guidelines.

  • Allows you to demonstrate your compliance through a Maritime Cyber Baseline digital certificate that can be displayed on your vessel and business communications.

HOW DOES THE SCHEME WORK?

The scheme has been developed with maritime experts Infosec Partners and is designed with two stages of assurance:

  • Level 1-Verified assessment = basic level of assurance

  • Level 2- Higher level of assurance (Audited)

The controls that must be put in place onboard a vessel and the requirements to be met are the same for both levels of assurance. But the depth of testing, and therefore the level of assurance provided by certification, is higher for Level 2.

Level 1 -Verified Assessment

The verified assessment requires the applicant to answer a series of questions about the vessel using the IASME secure online portal. A supervisor at Board Level is required to sign a declaration attesting that the answers to the questions are accurate. The verified assessment is then forwarded to an IASME Maritime Cyber Assessor to assess. If the organisation reaches the required ‘pass mark’ they are issued with a Level 1 Maritime Cyber Baseline certificate, if an organisation fails this first assessment, they will receive guidance from the Assessor on how to improve the security of the vessel and help the organisation try to achieve certification by allowing a further re-test.

The cost for Level 1 Certification is £750 + VAT.

Level 2 - Audited

The audited stage involves an assessor operating on behalf of one of IASME’s Certification Bodies. The first stage of the audit is the verified assessment, once this is completed and a pass mark achieved the assessor will use evidence from the verified assessment to assist in the audit of the vessel. The audit follows a strict schedule to ensure that all vessels are certified to the same criteria and the assessor will make a recommendation to IASME on whether the vessel should pass or fail the certification. IASME’s moderators will review the audit and either agree with the recommendation or request more information to make their decision. If the vessel passes, it is awarded Maritime Cyber Baseline Level 2 certification which lasts for three years. To maintain certification, the vessel owner/operator must complete and pass an annual verified assessment on the first and second anniversary of the audit to demonstrate their continued compliance. The cost for level 2 audited certification is £1950 + VAT, which includes the level 1 verified assessment

Buy Now