IYBA announce CSS Platinum as their Official Security Partner

by | Sep 22, 2021 | Archive

The International Yacht Brokers Association are proud to announce CSS Platinum as their official security partner.

Executive Director Paul Flannery said:

“Cyber security is a clear and present danger and a constantly evolving discipline.  To date, IYBA has worked tirelessly to protect its systems, members, and clients.  As the leading association in the superyacht industry, and reflective of the pace and sophistication of the present-day cyber threat landscape, IYBA is committed to ensuring that our cyber resilience keeps pace, makes us hard to hack, and meets the trust, standards of service and respect that our clients and members deserve.  We recognise that to continue to achieve this we need expert specialist support, and we are hugely proud to announce CSS Platinum as our official security partner of IYBA.”

Who is CSS Platinum?

CSS Platinum is the industry’s leading Superyacht Cyber Security providers.  This IYBA partnership has been a few years in the making and CSS Platinum have already provided support and guidance to the association.  CSS Platinum provide cyber security resilience services to superyachts and superyacht-supporting businesses, including complete cyber resilience solutions; superyacht IMO cyber compliance; and their industry leading Crew Check background checking and Maritime Cyber Licence (MCL) training products.  They consult with several Flag Registries and have assisted them in designing their IMO Cyber Audits and trained their surveyors, as well as contributing to the BIMCO Guidance on Cyber Security Aboard Ships.  Established among the legal and yacht management company community, they assist an ever-increasing number of fleets in meeting their cyber resilience, IMO cyber and data privacy obligation.  They are regular thought leadership providers to multiple publications and participate frequently on superyacht industry panels discussing cyber security resilience.  They are technical committee members with the IYBA and ISS.

What will CSS Platinum be doing?

To date, CSS Platinum have already conducted a full assurance audit of IYBAs security and will be working with them to future proof their resilience measures to ensure they continuously evolve with the cyber threat landscape and protect the associations’ clients and suppliers.  They are also supporting several exciting IYBA technical initiatives to ensure they are secure by design.  CSS Platinum will feature prominently on the IYBA website and will be providing useful for guidance on general cyber resilience to its members.

Said Michael Wills, Co-Founder CSS Platinum:

“CSS Platinum are hugely proud to be announced as the official security partner of IYBA.  Their reputation as the leading superyacht association and their commitment to ensuring they remain at the forefront of change, technology and resilience for the safety and security of their clients and suppliers is what we have all come to expect.  CSS Platinum is delighted to be supporting the IYBA as their security partner and in developing their cyber resilience for the challenges of the future.  Should any IYBA members aspire to develop their cyber resilience to meet the present and future cyber challenges, we would be delighted to speak with them also.”

Why is cyber security important?

Today, cyber security is an essential life skill.  Whether that be in business, yachting or in one’s personal life.  We live amidst an unseen cyber war that is here to stay and unlikely to end.  The advent of greater data transfer speeds; the ever-decreasing size of microchips and sensors; the associated explosion of smart devices and smart objects as part of the Internet of Things (IoT) revolution; and the incorporation of all these technological advances into superyachts; the prospect and opportunity for cyber-attack in the superyacht industry is exponentially increasing.

Why should we do something about cyber security?

Privacy.  Internationally, there are an increasing number of compliance regulations whereby it is a requirement to protect against cyber-attack.  Leading the pack is the EU / UK General Data Protection Regulation.  This regulation requires that appropriate “organisational and technical” controls are implemented to protect personal data – by this, in the main, they mean cyber security.  EU / UK GDPR are both multi-jurisdictional and extra-territorial, meaning regardless of the actual registration of the business, yacht or yacht owning entity, if the yacht holds and/or processes the data of an EU or UK citizens – owners & families, charter clients, crew, shore staff etc, you must cyber-protect the data.  Failure to do so could result in enforcement fines up to £17.5M / €20M or 4% or global turnover – whichever is greater.  A great number of other nations are updating their privacy laws and using GDPR as a benchmark.  IYBA hold significant client personal data and are committed to continue to meet their GDPR and other international data protection obligations.

Safety.  The International Maritime Agency’s introduction of Maritime Cyber Risk Management as part of the ISM Code was introduced on the 1 January 2021.  The regulation requires that vessels of greater than 500GT and with a commercial function (charter) should address Maritime Cyber Risk Management Risks as part of the annual verification of documents of compliance.  This is to mitigate the risk of a cyber-attack leading to a safety related incident.  The United States Coast Guard has already laid out robust guidance on how it will enforce these requirements to protect the United States.  What is interesting about this regulation is that the IMO also stated that any supplier/business who supports/interfaces/connects to the superyacht industry is a possible vector for attack and should also ensure that their cyber resilience does not precipitate a cyber initiate safety incident at sea.  IYBA recognise this requirement and are committed to playing their part in securing the industry.

Trust & Reputation.  The final issue here is one of trust and reputation.  Regardless of legislation and regulation, when an individual joins IYBA and provides their personal and other forms of data, there is a trust and expectation that their data will be managed and secured appropriately and judiciously.  Currently there are two types of organisations: those that openly reassure their clients and suppliers of the steps they are taking to cyber-protect the personal data they hold and access to the services they provide and those that don’t – for obvious reason.  The IYBA is committed to protecting its members and suppliers and is proud of the steps it takes to do so.

CSS Platinum will continue to provide regular contribution to Compass Magazine.

Michael Wills is co-founder and chief data officer for CSS Platinum. 

Join our newsletter

Signup using the form below to receive monthly updates and security tips from CSS Platinum.