Anticipating, analyzing, sharing
Greater resilience in maritime and port operations also depends upon the ability to anticipate threats and assist victims of cyberattacks. This is the mission of M-CERT (Maritime Cyber Emergency Response Team).
This national centre, based in Brest (France), is in charge of monitoring and analysing cyber threats as well as sharing information to alert maritime and port operators.
- Helping to prevent security incidents by improving cybersecurity awareness, promoting the implementation of necessary protection measures, detecting vulnerabilities on networks and systems.
- Analyze vulnerabilities, threats, attacks and risks with a sectoral perspective.
- Sharing information of interest for the sector by disseminating dedicated bulletins and Cyber Threat Intelligence and by broadcasting national and international security alerts and warnings.
- Organizing, coordinating, centralizing, collecting and identifying cyber incidents.
- Cooperate at regional, national, european and international levels to build trusted networks on maritime cybersecurity.
M-CERT aims at being the relevant point of contact for the maritime and port sector and at providing support to collect, identify, centralize and manage cyber incidents in accordance with laws and regulations that apply.
Incident Response Coordination
M-CERT aims at supporting the maritime sector in handling the technical and organizational aspects of incidents.
In particular, M-CERT provides 2 major services in the field of Incident Response Coordination: Incident Triage and Incident Coordination.
• Les activités de prévention
Alerts and Warnings
In case of a specific event, such as an alert, an incident or a crisis, M-CERT disseminates information to its constituency and provides recommendations to tackle the issue.
M-CERT provides regular information on published vulnerabilities, new attack tools and security measures needed to protect its constituency’s information systems by the publication of regular bulletins on maritime cybersecurity.
Awareness and Dissemination
M-CERT aims at sharing its knowledge and experience to enhance awareness on maritime cyber security topics.
Cyber Threat Intelligence
M-CERT provides its constituency with regular information and analysis on the maritime and port cyber threat landscape.
Passive Preventive Monitoring
M-CERT performs passive preventive monitoring actions on maritime and port assets to detect potential breaches or vulnerabilities and misconfigurations which may be leveraged during cyber attacks.
Research and Survey
M-CERT aims at conducting cyber security research, expertise and survey activities for the whole maritime and port sector to detect new vulnerabilities and enhance cybersecurity.
In accordance with its Vulnerability Disclosure Policy (see Section 4.4 of our RFC2350), M-CERT will act as a Coordinator, between a Reporter (organization or unit triggering the incident process) and Third Parties (stakeholders involved in the resolution of the incident or other CSIRTs).
When mandated by a constituency, M-CERT is able to watch available public announcements on vulnerabilities concerning specific software or hardware and alert the concerned party in case of discovery.
Support and Cooperation
M-CERT is a member of InterCERT France, a federation of major CSIRTs in France.
M-CERT also benefits from coordination agreements on maritime cybersecurity signed between France Cyber Maritime and the French Navy and with the French Gendarmerie Maritime.
M-CERT has received an initial financial funding and support by the French National Cybersecurity Agency (Agence Nationale de Sécurité des Systèmes d’Information, ANSSI) and by the French Secretary for the Sea (Secrétariat Général de la Mer, SGMer).
France Cyber Maritime members
With more than 70 members, France Cyber Maritime brings together within three membership boards public sector players and regional coastal authorities, maritime operators and cyber security solution providers.