Bond Technology Management & Consultancy (Bond TM) and Maritime Cyber Solutions (MCS) want superyacht crew to be prepared for any scenario when cyber-crime tries to inch its way on board. That’s why in August, they unveiled the Maritime Cyber Risk Awareness Training Course, specifically designed for the yachting industry.


The course was developed, designed, and tailored for yacht crew and shore staff and is a great opportunity for crew to do their part in increasing cybersecurity for their high-status, high-income guests. Dr. Paul Hunton, the leading cybersecurity expert and co-founder of Maritime Cyber Solutions, was directly involved in the development and design, and was assisted by Bond TM.


“Internet-related attacks are estimated to cost the global economy £1.2 trillion a year — that’s £2.3 million every minute,” says Dr. Hunton. “In 2018, 2.3 billion data breaches were estimated to have occurred with the research continuing to show that around 80 percent of breaches are being typically caused by staff and often in error or due to a lack of understanding.”


To help lower these statistics, Dr. Hunton says the International Maritime Organization (IMO) has responded to this threat and issued a formal directive and guidance on cyber-risk management. “The IMO’s directive now forms part of the International Safety Management (ISM) Code and requires cyber-risk management to be integrated into the onboard safety management system no later than 2021,” Dr. Hunton says. “Although not all yachts are bound by the ISM Code, the underlying principles and key elements are fundamental to the onboard safety and security of all yachts regardless.”


“My approach to something so specialized is to actively seek out existing experts rather than to grow the knowledge holistically in-house at Bond, which would take a lot longer to achieve,” says Will Faimatea, founder of Bond TM. “The procedural learning that this course covers and being aware of the types of attacks that can occur, is vital to understanding cybersecurity.”


Faimatea has another convincing reason why the yachting industry should be interested in this training course: “Cybersecurity will be a mandated part of the [ISM] Code from 2021, which means after this date, yachts will need to demonstrate what cyber-risk management procedures they have put in place.” There’s still a lot of pending legislation.


“People should care because cyber-risk management will become mandatory for all the yachts subject to the ISM Code. The date has already been set — from January 2021 — so they need to act now,” stresses Dr. Hunton. “For everyone else, the industry guidance cited in the ISM Code is a structured best-practice approach and can be used as the basis to improve general onboard cybersecurity regardless. We know from experience that insurance companies will look at liability and who is at fault should a cyber breach occur.”


The half-day course, which is GCHQ (Government Communications Headquarters)-accredited in the UK involves classroom-based learning over a period of four hours. It covers all current issues addressed under maritime guidance and directives. Courses can take place on board with accredited trainers who have vast experience in both yacht and IT training. Prices vary from individuals to group instruction.;


Courtesy Dockwalk — LAURA DUNN