Navy and cybersecurity
A cyber protection on land and at sea
Both on land and at sea, the marine sector and all its stakeholders have to deal with cyber threats. Stormshield provides support to the merchant and military navy, shipbuilding, marine energy, port and fishing industries to strengthen network, workstation and data security in this highly constrained sector.
With maritime activities, the slightest damage to supply chains or navigation systems can be very costly. It can even lead to vital state issues; for example, when the disruptions affect military operations. It is therefore essential to guard against cyberattacks against workstations and network components, both on board ship and in harbour.
To ensure the availability, performance and resilience of such networks, both IT and operational, Stormshield's Stormshield Network Security (SNS) range of firewalls offers the ability to segment and perform in-depth, contextual analysis of these networks. To prevent known and unknown attacks, SNS firewalls also provide granular control over authorised messages, enable operational values to be controlled through the implementation of custom patterns, and deliver very high availability through their bypass functionality and intrusion prevention system (IPS).
In the case of advanced attacks against endpoints, the combined use of our Stormshield Endpoint Security (SES) product and the Breach Fighter option on our SNS firewalls is an effective blocking solution.
Europe is the continent most affected by cyber attacks against the shipping sector according to the Panorama de la cybermenace maritime 2022 (France Cyber Maritime & OWN)
The means by which boats connect can vary according to their position. They make connections as they move across the globe, sometimes intermittently. Our SNS range can then manage dropped connections and network link changes by managing multiple WAN accesses and changing links based on their availability (SD-WAN).
In situations where equipment is temporarily unavailable or unreachable, our Stormshield Management Center (SMC) centralised management solution enables the automatic time-shifted deployment of a configuration. This can also be done in bulk in the case of a fleet.
Whether the reason is for maintenance or in response to a specific incident, it is not always possible to gain physical access to the ship or building in question. For this reason, our SNS firewalls' mobile SSL and IPSec VPNs, with their ability to authenticate users on network flows, are very useful in providing secure remote access to teams or third-party providers.
Context-sensitive protection for mobile technicians' workstations with our SES solution also enhances the security of these operations.
Given the confidentiality of the information exchanged between the various sites and ships, the use of trusted, qualified and certified products is vital. To prevent trade secrets or browsing data from being altered or intercepted, solutions such as the IPSec site-to-site VPN tunnel in our SNS firewalls establish trusted communication channels. They authenticate the origin of the data, guaranteeing its confidentiality – as well as its integrity. In addition, protect your communications with external service providers and other suppliers via our Stormshield Data Security (SDS) encryption solution.
The scope of the maritime sector is vast, from the nautical industry to the shipbuilding community to the ports. Such geographical distribution requires a large team of administrators to easily deploy and manage the security equipment comprising these large infrastructures. To this end, the SMC solution allows as many configuration and technical parameters as possible to be set up in advance before they are automatically deployed (staging by USB key). The solution can also be used to centrally administer a fleet of SNS firewalls, and thus manage VPNs (SD-WAN) or filtering, for example.
In addition to this fragmented distribution, the marine industry features a variety of physical constraints (temperature, humidity, salinity, etc.) that distinguish it from traditional IT environments. The challenge is to install the security elements as physically close as possible to the equipment to be protected, without a computer rack. To meet the needs of these constrained environments, particularly on ships, we have designed reinforced enclosures that are easy to mount in electrical cabinets.
Shipbuilding projects are usually long term, with the vessels being used for decades. Maintenance schedules are therefore essential. Nevertheless, live system support and security maintenance (MCO/MCS) offer the option of spacing out hardware upgrades and extending the life of the infrastructure.
Stormshield products help protect and maintain the security of IT infrastructures over time.
As Operators of Vital Importance (OIVs) or operators of essential services (OSEs), many players in the maritime environment are required to comply with the Military Planning Law (LPM) and the Network and Information Security (NIS) directive, as well as with NATO and European Union defence standards.
To satisfy these requirements in terms of confidentiality and trust, Stormshield solutions are certified and qualified to the highest European level. Using products with trusted certifications and credentials offers the best guarantee of effective cyber protection.
Maritime industry professionals: your cyber security projects are necessarily complex. They deserve a solution that is tailored to your own issues and specific situation. Our sales and pre-sales teams are ready and waiting to discuss with you and meet your expectations.