Tototheo Maritime’s Cybersecurity Solution, an end-to-end service including monitoring, detection, containment and rectification of cyber threats, has received a Certificate of Compliance by IACS Classification Society RINA. The Tototheo TM Cyber Solution is a highly specialized, multi-faceted service that enables organisations proactively detect and mitigate cyber risks on board and at shore, while operating under all applicable international regulations.
The solution has been evaluated under the scope of an extensive regulatory framework and technical requirements including:
- IMO RESOLUTION MSC.428(98) – “Maritime Cyber Risk Management in Safety Management Systems”, Jun 2017
- IMO MSC-FAL.1/Circ.3- “Guidelines on Maritime Cyber Risk Management”, Jul 2017.
- IACS UR E22 “On Board Use and Application of Computer based systems”, Jun 2016
- IACS Rec 166 “Recommendation on Cyber Resilience”, Jul 2020
- RINA GUI39 “Guide for the Certification of Cybersecurity Capabilities of Marine Materials and Equipment”, Jan 2021
- ISA/IEC 62443 Series of Standards, International Society of Automation/International Electrotechnical Commission. (concerning security & vulnerabilities in Industrial Automation and Control systems)
- NIST, US National Institute of Standards and Technology – “Framework for Improving Critical Infrastructure Cybersecurity”, version 1.1, Apr 2018
- “The Guidelines on Cyber Security On-board Ships”, v4, BIMCO, CLIA, ICS, INTERCARGO, INTERMANAGER, INTERTANKO, IUMI, OCIMF, and WORLD SHIPPING COUNCIL, Dec 2020
- The RINA Rules and Guides
The TM Cybersecurity Solution consists of several network security devices, endpoint, and cloud-based software, aiming to protect the OT/IT networks of a vessel and/or enterprise networks ashore connected with that vessel.
RINA has evaluated the TM Cybersecurity Solution in the following segments:
- Security Functions and related controls
- Installation Procedures
- Non-interference with OT equipment other than protecting the vessel network
- Protection of OT systems
It has demonstrated its underlying capabilities by performing security configurations in a live network simulation, proving conformance against cyber security practices and compliance with the International Regulatory Framework, Industry Standards and RINA Rules & Guides on Capabilities of Marine Materials and Equipment.