Cyber Secure class notation
Secure your vessel against cyber threats and ensure compliance with IMO and IACS UR E26 standards through DNV’s Cyber Secure class notation. This certification showcases your vessel’s strong cyber defences.
As maritime industry becomes more digital, they work more efficiently and with less environmental impact. However, this digital shift also brings new risks, highlighting the importance of robust cybersecurity measures. Reasons for this increased focus include:
- New technologies, including increased automation and digitalization
- An increase in the frequency of cyber incidents, both for shipping and offshore
- New regulations and laws such as the IACS URs
- Inclusion of cyber security in charterers’ vetting evaluations
Our Cyber secure class notation
Since 2018, DNV’s Cyber Secure class notation has been developed to enhance the cyber security of a vessel’s main functions and the owner’s operational needs. It applies to newbuilds across different segments and to vessels and offshore units in operation. The class notation establishes recognised requirements and security levels and is well aligned with IACS UR E26 and E27.
The Cyber secure class notation comprises three different qualifiers:
1. Required qualifications for newbuilding vessels
IACS Compliance – Mandatory for Contracts Signed Post-July 1, 2024
Cyber Secure (Essential): This level extends beyond basic requirements, with a deeper inspection of control systems to ensure security capabilities meet Security Profile 1 (aligned with IEC 62443 Security Level 1). While it caters primarily to complex vessels already in operation, it integrates cybersecurity into existing procedures and systems to maintain an adequate security level. Following IACS UR E26, this security measure is obligatory for all vessels contracted for construction from July 1, 2024.
2. Qualifications for Vessels in Operation (Voluntary)
- Cost-Effective Solution for Existing Vessels: The Cyber Secure entry-level class notation tackles the most critical vulnerabilities in a vessel’s systems. It mandates establishing a cybersecurity management system to secure ship operations in compliance with the forthcoming IMO resolution MSC.428(98). This level is ideal for vessels in operation where only limited modifications to onboard systems are feasible.
- Enhanced IACS Compliance: This differentiates vessels on the same compliance level while catering to specific customer groups that demand higher standards.
- Cyber Secure (Essential): This goes beyond the entry-level by scrutinizing control systems more thoroughly to meet Security Profile 1 (aligned with IEC 62443 Security Level 1). Designed for complex vessels in operation, it integrates cybersecurity into existing procedures to maintain an adequate security level. Mandatory for vessels contracted for construction post-July 1, 2024, per IACS UR E26.
- Coverage: The notations address ten critical onboard functions, including propulsion, steering, navigation, power generation, and watertight integrity, among others.
3. Vessel segment specific additions
Plus Notation (+): The (+) plus notation gives owners the flexibility to add and secure systems beyond the standard requirements, such as cargo, entertainment, IT, and drilling systems. These additions are vital for operations and address specific operational threats that are not covered under the essential and important functions.
Verification Process: All qualifiers rigorously verify the implementation of cybersecurity barriers on board, involving asset owners, operators, system integrators (like shipyards), and equipment manufacturers. The security levels are aligned with the international IEC technical standards, tailored specifically for the maritime industry.
Evidence of Compliance: For vessels not classed by DNV, verification of compliance with the Cyber Secure class notation can also be provided as a service. This helps demonstrate compliance to established cybersecurity standards across the industry.
Your benefits
With DNV’s Cyber secure class notation, you can stay safe and compliant, and get ahead in the digital transformation of the maritime industry:
- Less risk of cyber security threats and reduced downtime due to cyber attacks
- Proof of cyber security resilience for your vessel and ensure compliance with the IMO cyber risk resolution as well as IACS unified requirement E26
- Increased charter probability due to better vetting score from charterers and oil majors
- Regular audits to verify continuous compliance and focus on upcoming cyber security threats
- Increased cyber security awareness of both crew and shore personnel