Skip to main content

Maritime

The maritime industry is entering a new era of cybersecurity regulation — and most vessel operators are starting from a position of limited visibility. Ships are complex floating environments where dozens of systems from different vendors have been installed, upgraded, and maintained over the lifetime of the vessel. Navigation, propulsion, cargo management, CCTV, communication, and safety systems each come from different manufacturers, run different software, and are often connected to shared onboard networks with little documentation of what exists or how it communicates.

Historically, cybersecurity has not been a priority at sea. Vessel networks evolved organically, systems were added by shipyards and integrators during construction and refit, and remote vendor access was established for maintenance without formal security controls. The result is that no single person on board — or ashore — has a complete picture of every system, every connection, and every piece of software running on the vessel.

That is now changing. IACS Unified Requirements UR E26 and UR E27, mandatory for all ships contracted for construction on or after 1 July 2024, establish clear cybersecurity requirements for vessel design, construction, and operation. UR E26 addresses cyber resilience of the ship itself — requiring asset inventories, network architecture documentation, and security zones. UR E27 addresses the resilience of onboard systems and equipment supplied by vendors. Together, they demand a level of visibility and control that most shipping companies have never had.

Why First Watch for Maritime

First Watch brings to the maritime environment the same proven OT cybersecurity platform used to protect industrial control systems ashore — adapted for the unique constraints of vessel operations.

Asset discovery and inventory is the foundation. The platform automatically identifies every device communicating on monitored networks — building the comprehensive asset register that UR E26 requires and that no manual survey can maintain over time. For the first time, vessel operators and fleet managers can see exactly what is on board, what software it runs, and how it communicates.

Onboard deployment is designed to work within vessel constraints. The First Watch Controller and PLC Guard deploy as a virtual machine on existing onboard infrastructure (KVM virtualisation), minimising hardware requirements. ControlGuard agents protect critical Windows-based systems such as CCTV servers, ECDIS workstations, and cargo management computers.

Network traffic monitoring through PLC Guard in IDS mode provides continuous visibility into all communications on monitored VLANs — detecting anomalous traffic, unauthorised connections, and unexpected changes without interfering with vessel operations.

Vendor accountability addresses a core maritime challenge. With multiple equipment suppliers maintaining their systems remotely, the platform logs every connection and every action — providing the attributed, time-stamped evidence needed to understand who accessed what, and when.

Compliance documentation is generated continuously. The platform produces the asset inventories, network maps, software inventories, and vulnerability assessments that support UR E26 and UR E27 compliance — not as a one-off exercise, but as a living, continuously updated record.

What We Protect

  • Bridge systems — ECDIS, radar, AIS, GPS, and integrated navigation systems
  • CCTV and surveillance — monitoring servers, camera networks, recording infrastructure
  • Communication systems — VSAT, satellite communication, onboard networking
  • Propulsion and machinery control — engine management, power management systems
  • Cargo management — loading computers, ballast control, tank monitoring
  • Safety systems — fire detection, alarm management, public address
  • Shore-to-ship connectivity — remote access paths, fleet management links, vendor maintenance sessions

IACS UR E26 and UR E27

For shipping companies, compliance with the IACS unified requirements is not optional — it is a condition of classification for all newbuilds contracted from July 2024 onwards, and the expectations are increasingly being applied to existing vessels at survey.

First Watch supports compliance across both requirements by providing the technical capabilities that underpin the mandatory outcomes: comprehensive asset inventories, network architecture visibility, continuous monitoring, software vulnerability assessment, and documented evidence of cybersecurity controls.

This section contains deployment examples and case studies from the maritime sector.