The 8 Global Cybersecurity Institutions — From IACS to ITU-T, Building the Standard for Maritime Logistics and IT/OT Security
🚢 Introduction
Today, the maritime and shipbuilding industries have gone far beyond traditional logistics and transport.
They are rapidly transforming into massive “floating data centers” operating on digital networks.
From engine control systems and port cranes to logistics IoT and satellite communication,
a single cyberattack can now halt an entire operational chain — both digitally and physically.
This clearly shows that the world is moving toward an integrated security governance model that unites
“IT Security” (information systems protection) and “OT Security” (operational technology — control and automation protection).
In this complex transformation, the following eight global cybersecurity leadership institutions—originally designed for land-based systems—
are now essential reference points for maritime and logistics cybersecurity as well.
1️⃣ NIST
National Institute of Standards and Technology
NIST defines cybersecurity risk management through its Cybersecurity Framework (CSF),
organized into five core functions: Identify – Protect – Detect – Respond – Recover.
🔹 Maritime & Logistics Application:
Shipyards and shipowners can use NIST CSF to map and secure both IT assets and OT networks
(engine control, communications, PLCs, etc.).
IMO’s cybersecurity guidelines (MSC-FAL.1/Circ.3) are themselves based on the NIST Framework model.
2️⃣ ISO / IEC JTC 1 SC 27
International Organization for Standardization / International Electrotechnical Commission
ISO/IEC defines the language of information security management systems (ISMS).
ISO/IEC 27001 extends beyond IT to cover OT environments across ships, ports, and logistics facilities.
🔹 Maritime & Logistics Application:
Classification societies (e.g., ClassNK, DNV) use ISO 27001 and IEC 62443 (industrial control system security)
as the baseline for cybersecurity certification of shipboard systems.
ISO therefore acts as the certification framework for maritime cybersecurity.
3️⃣ ENISA
European Union Agency for Cybersecurity
ENISA is the center of Europe’s cybersecurity policy and regulation.
Frameworks like the NIS2 Directive, Cyber Resilience Act, and EUCS
mandate cybersecurity certification across transport, energy, and maritime sectors.
🔹 Maritime & Logistics Application:
European ports and shipping companies (e.g., Maersk, MSC, CMA CGM) follow ENISA guidelines
to include OT and ICS devices within security certification scopes,
and to ensure that ship-to-port communication meets EU-level cybersecurity requirements.
4️⃣ MITRE
MITRE Corporation
MITRE maintains the world’s most widely used database of adversarial techniques — the ATT&CK Framework.
It classifies and maps how attackers operate across various platforms, including ICS and OT.
🔹 Maritime & Logistics Application:
During penetration testing or risk assessments in ports and ships,
the MITRE ATT&CK for ICS matrix is applied to model threat scenarios.
For instance, attacks such as PLC manipulation or satellite-communication jamming
are mapped to specific tactics and techniques for clearer mitigation design.
5️⃣ FIRST
Forum of Incident Response and Security Teams
FIRST is the global collaboration network connecting CERT and CSIRT teams worldwide.
It defines frameworks for incident response, information exchange, and trust coordination.
🔹 Maritime & Logistics Application:
Global shipping and port organizations use FIRST’s Traffic Light Protocol (TLP)
to classify and share cyber incident information internationally.
For example, a detected indicator of compromise (IOC) may be shared as TLP:Amber
between classification societies, shipyards, and shipowners to maintain controlled transparency.
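As an added example (not FIRST's code and not part of the original post), the following Python encodes the TLP 2.0 sharing rules published by FIRST and checks whether an IOC labelled TLP:AMBER may be passed from a classification society to a shipyard or port; the organisation names, client relationships and indicator value are constructed for illustration.

```python
"""TLP 2.0 sharing-boundary check for maritime incident information.

Added example, not FIRST's own code. Encodes the TLP 2.0 labels as
published by FIRST (CLEAR, GREEN, AMBER, AMBER+STRICT, RED). The
organisations, relationships and IOC record below are constructed.
"""
from dataclasses import dataclass

# TLP 2.0 label semantics (FIRST, 2022):
#   RED          -> only the named recipients of the original exchange
#   AMBER+STRICT -> recipient's own organisation only
#   AMBER        -> recipient's organisation and its clients, need-to-know
#   GREEN        -> the wider community, but never via public channels
#   CLEAR        -> no restriction
TLP_LABELS = ("TLP:RED", "TLP:AMBER+STRICT", "TLP:AMBER", "TLP:GREEN", "TLP:CLEAR")


@dataclass(frozen=True)
class Indicator:
    """A shared IOC record with its TLP label and the organisations it was sent to."""
    value: str
    tlp: str
    named_recipients: frozenset


# Constructed relationships (not real organisations' data): who is a client
# of whom, and who belongs to the maritime security sharing community.
CLIENTS = {"ClassSociety-A": {"Shipyard-B", "Shipowner-C"}}
COMMUNITY = {"ClassSociety-A", "Shipyard-B", "Shipowner-C", "Port-D"}


def may_share(ioc, holder, target, public_channel=False):
    """Return True if `holder` may pass `ioc` on to `target` under TLP 2.0."""
    if ioc.tlp not in TLP_LABELS:
        raise ValueError(f"unknown TLP label: {ioc.tlp}")
    if ioc.tlp == "TLP:CLEAR":
        return True
    if public_channel:  # RED, AMBER(+STRICT) and GREEN all forbid public disclosure
        return False
    if ioc.tlp == "TLP:GREEN":
        return target in COMMUNITY
    if ioc.tlp == "TLP:AMBER":
        return target == holder or target in CLIENTS.get(holder, set())
    if ioc.tlp == "TLP:AMBER+STRICT":
        return target == holder
    return target in ioc.named_recipients  # TLP:RED


# Constructed sample: an IP from the documentation range, shared TLP:AMBER
# by a classification society to itself as named recipient.
SAMPLE_IOC = Indicator("203.0.113.7", "TLP:AMBER", frozenset({"ClassSociety-A"}))
```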
6️⃣ CIS
Center for Internet Security
CIS provides practical, actionable security controls.
The CIS Controls v8 serve as a ready-to-use checklist for both IT and OT environments.
🔹 Maritime & Logistics Application:
Shipyard or port IT teams can implement CIS Controls directly
when designing OT network security — e.g., firewalls, VLAN segmentation, and log management.
They are also applied as minimum control standards for systems like ECDIS, engine monitoring, and PLC control.
7️⃣ OECD
Organisation for Economic Co-operation and Development
OECD focuses less on technology and more on trust, governance, and cross-border policy.
Its Digital Security and Privacy Principles highlight how security directly impacts economic resilience.
🔹 Maritime & Logistics Application:
Cross-border logistics data — such as port operation info, voyage tracking, or cargo movement —
is governed using OECD’s Digital Trust Framework, defining data sovereignty and governance principles.
8️⃣ ITU-T SG17
International Telecommunication Union – Study Group 17
ITU-T sets global telecommunications security standards.
Its X.1051, X.1205, and X.1500 series cover security for ICS, 5G, IoT, and satellite networks.
🔹 Maritime & Logistics Application:
Standards from ITU-T SG17 are used in the design of secure VSAT, LTE, and satellite systems on ships,
as well as 5G-based port automation networks.
These standards directly align with maritime rules such as IACS UR E26/E27.
Conclusion — The Future of Maritime Cybersecurity Is “Connected Trust”
Though these eight institutions operate in distinct domains,
they all share a unified mission:
“To build a safe and trusted digital maritime ecosystem.”
Maritime logistics is no longer just about vessels and cargo.
It is a cyber-physical domain where data, networks, and operational systems are tightly integrated.
Adopting NIST, MITRE, ISO, and ENISA standards into a cohesive IT/OT governance model
will define the future of cyber resilience in this sector.
✍️ Insight
“Cybersecurity is not merely a technical issue —
it is the design of trust.”
When NIST’s framework, ENISA’s regulations, MITRE’s threat intelligence, ISO’s certification,
and FIRST’s global cooperation converge,
that’s when true “Connected Resilience” emerges —
both on land and at sea.