LAW firm HFW and maritime cybersecurity company CyberOwl have joined forces to provide technological and legal services to the shipping industry around cyber risk management and compliance.

Both parties will work together to help the maritime sector prevent and actively defend against commercial, legal, technical and operational risks, including reviews of vessel cybersecurity seaworthiness, cybersecurity monitoring, and related legal and consulting advice.

This will complement HFW’s existing cybersecurity advice to clients as part of its standalone consulting business, HFW Consulting.

Paul Dean, global head of shipping at HFW said, “Cybersecurity is a growing concern for the global shipping industry.

“The reality is that traditional cybersecurity systems are not designed to overcome the unique technical, operational and commercial challenges of shipping, such as the need to demonstrate due diligence in ensuring seaworthiness and cargoworthiness to minimise disagreements around liabilities in the unfortunate event of a cyber attack.

“We have therefore partnered with CyberOwl, whose security experts share the deep shipping industry expertise on which we pride ourselves at HFW.


Daniel Ng, CEO of CyberOwl said, “At CyberOwl, we are on a mission to leverage data and analytics to shift shipping organisations towards a more active cyber posture, and help them evidence their cybersecurity controls are actually working.

“We have engaged with around 100 vessel owners and managers to understand their challenges. They have expressed a real lack of confidence that the steps they have taken to comply with IMO 2021 actually helps them defend themselves… in the eventuality of a cyber attack, and to prove that due diligence was exercised to ensure vessel seaworthiness and cargoworthiness.

“Working with HFW means we’re able to provide clients with a broader offering combining first-rate legal and technology services. We see this as being a unique proposition,” he said, adding that other cyber services providers are mainly focused on IMO 2021 compliance, rather than helping the industry to actively manage and mitigate its cyber risks.