From Framework to Action

From Framework to Action — A Practical Manual for IACS Compliance and Survival

CYTUR Inc. | Cyber Trust & Resilience for Maritime

Table of Contents

Foreword: Why This Guide Is Needed Now

Maritime cyber incidents surged 103% year-over-year in 2025. Communications on 116 vessels were simultaneously disabled, a container ship ran aground due to GPS spoofing, and a major navigation equipment manufacturer was brought to its knees by ransomware.

At the same time, 2026 marks a regulatory turning point. IACS UR E26/E27, applicable to newbuilds contracted after July 2024, are entering the sea trial and delivery phase this year. Cybersecurity is no longer a checkbox on a design drawing — it has become the "License to Sail" that determines whether a vessel can be delivered and operated.

This guide is designed so that shipping company security officers and CISOs can understand not only "what needs to be done" but also "in what order and how to execute it." It follows a four-stage cyclical structure: Framework Establishment (Chapter 1) → Continuous Operations (Chapter 2) → Incident Response (Chapter 3) → Post-Incident Management (Chapter 4), where each stage's outputs feed into the next.

Applicable Regulatory Framework

The key international regulations and standards referenced in this guide are:

• IMO MSC.428(98): Resolution recommending integration of cyber risk management into Safety Management Systems (SMS) (effective January 2021)
• IMO MSC-FAL.1/Circ.3 Rev.3: Guidelines on Maritime Cyber Risk Management (latest revision April 2025). Applies the NIST Framework's five functions (Identify-Protect-Detect-Respond-Recover) to the maritime environment
• IACS UR E26 Rev.1: Cyber Resilience of Ships — treats the entire vessel as a single unit, governing security across the full lifecycle. 17 requirements organized under five key functions