IACS Unified Requirements E26 and E27 Cyber Security

This technical report outlines the International Association of Classification Societies (IACS) Unified Requirements E26 and E27, which focus on enhancing cyber resilience in maritime operations. UR E26 specifically addresses the cyber resilience of vessels, detailing compliance requirements across the vessel lifecycle, including design, construction, commissioning, and operation. It emphasizes the importance of establishing a secure onboard environment through a structured approach based on the National Institute of Standards and Technology (NIST) Cybersecurity Framework. UR E27 complements this by providing guidelines for manufacturers and Original Equipment Manufacturers (OEMs) to improve the cyber resilience of onboard systems and equipment. The report highlights the necessity of comprehensive documentation and compliance checks to ensure that vessels meet established cyber resilience standards. Furthermore, it discusses the role of human factors in maintaining security and the need for ongoing collaboration within the industry to address evolving cyber threats effectively.