Case Study: a large research vessel company improves fleet cyber security with NCC Group

Cyber Security Review for Multi-Vessel Operational Technology Fleet

NCC Group worked with a large research vessel company operating a multi-vessel maritime OT fleet with disparate systems, different vessel ages, and limited time available with crews at sea. The company suspected security weaknesses because it lacked a standardised OT security approach across marine systems, IT infrastructure, external communications, and third-party connected equipment.

NCC Group delivered a series of remote, NIST CSF-based cyber security workshops and assessments covering asset registers, business impact analysis, gap assessments, threat-to-system mapping, and inherent/residual risk reviews for each vessel and shore environment. The result was a comprehensive fleet-wide risk assessment report, clear areas for improvement and good practice, a baseline for future security posture measurement, and a repeatable process for ongoing assessments, including an executive summary for leadership awareness.