CRIBB CMCA - Cribb Cyber Security

Back in February we spoke with Patrick Carolan about ‘CRIBB Maritime Cyber Assurance’, an exciting new cyber security solution from theICEway aimed at the cruise industry. Designed as an affordable alternative to ISO27001, CMCA has been an important addition to CRIBB Cyber Security’s long list of services, as Patrick was happy to tell us recently…

Patrick, when we spoke last about CMCA, you revealed that you had received a good level of interest in it – has that continued since the start of the year?

It did for a little while after we had that discussion but then COVID-19 reared its head and everything took a strange turn…

Of course.

The arrival of Coronavirus had a huge impact on the cruise industry as a whole, with many people first hearing about it after the outbreak on board the Diamond Princess. Naturally, with this being a security framework for cruise and with priorities changing for cruise lines across the board, it did take a back seat for a while.

That’s understandable, but with the world starting at least to resemble normality once again, is it something you are talking about more now?

I’ve been speaking to various people in cruise about it throughout the last few months actually, simply because the cruise industry is so resilient and we are all expecting things to get back on track.

That’s good to hear.

When we spoke last, I seem to remember talking about data breaches in cruise being quite commonplace, especially given the digital transformation we have witnessed in the industry. That is a problem that everybody is still trying to solve, ourselves included, but we think we have something quite special with this solution.

You did say back then that the industry was more vulnerable to cyber-attacks than others.

That’s right, I mean we are talking about cities with unbelievable connectivity that are floating in the middle of the ocean.

Patrick, in a nutshell, what is CMCA, how can it help, and why should the cruise industry turn to yourself and CRIBB Cyber Security?

That’s a lot to put into a nutshell but I will try. So, the IASME Consortium recognises CMCA as a UK government-backed framework for cruise companies to use so that they can become more cyber resilient. It is based on Cyber Essentials and the ISO27001 security standard and it can increase protection and help to strengthen business processes.

It can help by offering cruise lines the opportunity to evaluate security policies and assess what their levels of compliance are like. Our experienced and certified GDPR practitioners such as myself will essentially put the current ‘organisation of information’ under the microscope.

That is quite a large nutshell. And you only covered the first two parts of the question.

Right. What was the third part?


Yes, of course. You should choose us because we are part of theICEway ecosystem of companies and have over 20 years’ worth of experience helping clients in cruise. We adopt a security by design approach whenever possible, and whilst we see ourselves as a local company, we have offices located throughout Europe, in Australia and in the US now too, so we actually have a real global reach.

For more information on CMCA, click here – alternatively, get in touch with one of our cyber security experts today for a more personal touch. You may even end up speaking with Patrick…


theICEway – An ecosystem of companies working with your IT Teams to deliver technology projects, cloud strategy and application managed service through ICE Technology Services, CRIBB Cyber Security & eTestware

ISO27001 – An information security standard published last in 2013, this is basically a spec for an information security management system

Top Tip

Follow our simple but effective mantra:


(Our experts can of course help you to maximise the effectiveness of each point, so get in touch now to take your first steps aboard theICEway…)