With digital innovations coming in thick and fast, there is a real need to integrate the ever-evolving digital landscape within the industry to better protect our environment from potential vulnerabilities.
Naval Group fully acknowledges the threats associated with fast evolving technologies and has made a point of taking cybersecurity extremely seriously right from the outset. In the aim of managing such threats, Naval Group has long put cybersecurity at the heart of their design and development processes and tends towards quicker, more reactive and more efficient design, development and construction processes by integrating digital and cybersecurity features into the vessels architecture from day one. Naval Group thus ensures ‘across the board’ cybersecurity from its vessels through to its mainland computer facilities.
‘Where data protection involves protecting outgoing and/or transmitted data, cybersecurity entails safeguarding a vessel’s digital integrity as whole.’
Despite deeply integrated cybersecurity features, it remains impossible for any one entity to claim immunisation against sophisticated, ever-evolving cyber-attacks, which is why Naval Group continuously assesses, tests and upgrades its own cybersecurity measures. The continued emergence of new and improved threats means that Naval Group must always be prepared to detect and counter security breaches as they occur.
That is why Naval Group has set up Security Operational Centres (SOCs) that supervise the entirety of Naval Group’s security infrastructures. In essence, they are responsible for detecting any threat thanks to a variety of protection measures. The advantage of these SOCs lies in their ability to identify any security shortcomings, assess potential impacts and subsequently work with Naval Group’s Computer Emergency Response Team (CERT), an expert unit established to respond to security incidents.
Last but not least, and in line with its proactive stance on cybersecurity, Naval Group has gone as far as creating a parallel environment in which new digital evolutions and their associated threats may be tested on relevant systems and vessels. This Naval Cybersecurity Laboratory allows Naval Group to ensure that its defence and protection mechanisms can withstand the latest state-of-the-art attacks. Where defence mechanisms are tested on relatively longer time cycles, protection measures are tested on much shorter time cycles to ensure that no security breaches go unnoticed for extended periods of time.
From an operational standpoint, Naval Group’s advanced cyber protection measures are rolled up in its Cyber Management System (CyMS), which is an on-board system capable not only of effectively detecting cyber intrusions, but also of assessing their operational impact, in order to present the commanding officer with appropriate recommendations for action. This on-board system is largely beneficial in that it presents the crew with an added degree of autonomy and reactivity in the face of impending threats.
To support vessels, Naval Group has also established dedicated operational entities called COSINs (Centre Opérationnel de Soutien Intégré Numérique – Integrated Digital Support Operation Centres) that act as cybersecurity front-line posts in the ports, and whose mission it is to ensure the overall integrity of the vessels’ digital systems. Again, any shortcomings are communicated back to the Computer Emergency Response Teams, allowing them to allocate the necessary resources to mitigate and resolve outstanding issues if requested, from on-board the vessel all the way back to the mainland computer facilities.
Naval Group has established strong internal governance through its Cyber Security Framework with the aim of making cyber security an integral part of its DNA. Such foresight has allowed Naval Group to develop a truly holistic approach whereby the cyber security features of its vessels not only contribute to its safety but also prevent the need for retrofitting, all whilst facilitating potential future upgrade operations.
Developing cyber security hand-in-hand with today’s evolving digitisation, as opposed to post-digitisation, is how Naval Group ensures state-of-the-art cybersecurity – forever optimising cyber-protection & cyber-detection to ensure a vessel’s cyber-resilience!