Background
Eastern Pacific Shipping (EPS) has a mission to be the safe and efficient transportation provider of choice to the shipping industry.
EPS was on a journey of improving their cyber hygiene, that involved standardising technology architecture onboard, rolling out cybersecurity policy for the fleet and delivering annual cyber security campaigns and cyber security training at sea.
The EPS IT team identified the need to continue their journey of improving cyber risk management in the wake of escalating cyber risks in shipping.
Key customer challenges
The EPS team were looking to improve their cybersecurity capability and operations:
Maintain an updated understanding of the critical assets and networks onboard vessels, in order to assess and address their associated cyber risk
Proactively identify cyber risks to onboard systems and address them as they arise before any losses or interruptions are sustained.
Reduce the effort required to evidence an effective cyber risk management system during inspections, in line with IMO 2021 requirements.
How CyberOwl has helped EPS
EPS deployed CyberOwl’s Medulla, a maritime cyber security monitoring and analytics system, on their fleet across a number of segments – containership, crude and product tanker and LNG. Deployment was completely remotely, without the need for an engineer to visit the vessel. Medulla, together with the Managed Services provided by CyberOwl’s maritime cyber security experts, has helped EPS gain visibility, security and cyber compliance of their shipboard assets and networks.
Asset discovery
“CyberOwl Medulla gives us visibility of assets connected to our vessel networks. We have found many instances where the reality of onboard equipment deviated from our documented inventory. The visibility enables us to take action to remove unwanted devices or update our inventory and add the newly discovered devices to ongoing security monitoring.”
Security anomalies
“Medulla enables us to focus our time in mitigating risks and protecting our high-value assets onboard. If an issue requires our attention we receive an incident report with detailed analysis of what has happened and guidance on next steps. This makes it efficient for us to investigate and resolve.”
Compliance reports
“CyberOwl Medulla uses monitoring data to measure the performance of our procedural and technical security controls. This gives us visibility of any controls which are not performing as expected but also enables us to provide evidence of effective security management to inspectors.”
