Built from the
shipyard floor up.
TAGSIA was not written in a consultancy office. Every procedure, every section reference, and every checklist was developed by a practitioner who has commissioned automation systems on large cruise ships, managed OT as an ETO on a superyacht, and is currently leading E26 compliance on a live newbuild — working directly with Lloyd’s Register and DNV.
electrical & OT systems
held across career
engaged — LR & DNV
direct OT experience
The experience behind the content
Maritime OT security sits at the intersection of naval architecture, industrial control systems, IT networking, and international maritime law. Generic IT security professionals miss the operational realities that determine whether a security control actually works at sea. TAGSIA was built by someone who has held every technical role that matters in this space — from commissioning automation systems on large passenger vessels, to managing full OT responsibility as an ETO, to running shore-based enterprise IT infrastructure.
Lead Electrical Inspector / Cyber Resilience
Currently responsible for IACS UR E26/E27 compliance on a live cruise ship newbuild. Conducting Cyber Security Risk Assessments with Lloyd’s Register, developing CBS asset inventories and OT interface diagrams, and preparing full Class submission documentation. Parallel advisory engagement with DNV on E26 technical interpretation.
Automation Engineer — Large Passenger Vessels
Commissioning and integration of ship automation systems including Power Management Systems (PMS), Integrated Bridge Systems (IBS), ECDIS, and machinery control on large cruise ships. Contributed to multiple newbuild construction projects including factory acceptance tests and blackout and recovery trials. This is the layer most IT security professionals have never touched.
ETO / AV / IT Officer — Superyacht
Full ETO accountability for all electrical, electronic, and IT systems onboard a superyacht. Deployed and administered a Sophos Next-Generation Firewall to harden OT/IT network segmentation, optimise bandwidth, and prioritise critical traffic. Maintained Integrated Bridge System, VSAT and 4G communications, KNX lighting control, and all safety-related systems.
Maritime Software Developer & Shore-Side IT
Developed a real-time Python decision support system for yachts with NMEA 0183 navigation data integration and WebSocket-based live updates — the direct source of TAGSIA’s protocol intelligence content. Earlier shore-based roles managing enterprise IT infrastructure across multiple European locations, including Cisco networking, VPN deployment, and disaster recovery planning.
Written from inside a live E26 programme
TAGSIA’s content is not based on reading the regulations and extrapolating. It is validated against what Class surveyors are actually asking for, what OEMs are actually delivering, and what ETOs are actually capable of executing during a port call.
Lead cyber resilience role — cruise ship newbuild, E26 first-of-class
Currently serving as the lead technical resource for IACS UR E26 compliance on the first E26-scoped vessel at a major cruise shipbuilder. Working directly with Lloyd’s Register as the certifying Class Society on CSDD development, zone and conduit architecture, CBS inventory, and full Class submission documentation. Running parallel advisory discussions with DNV on E26 technical interpretation. This is not historical knowledge — it is the live, current standard being validated against actual Class survey requirements in 2025–2026.
Certifications & licences
All certifications below are held by the primary author. The combination of maritime operational licences and formal cyber security certification is what allows TAGSIA to bridge engine room reality and regulatory language.
Why generic IT security fails at sea
The procedures that work in an office server room will get someone hurt on a vessel. TAGSIA’s content is written with the physical and operational constraints of ships built in — because the author has lived them.
| Domain | Generic IT security | TAGSIA approach |
|---|---|---|
| Infrastructure | Office servers & cloud | PMS, ECDIS, AMS & High Voltage systems |
| Networking | TCP/IP office LAN | NMEA 0183/2000, Modbus, maritime zone architecture |
| Access control | Active Directory & SSO | Crew rotation, watch handover, offline MFA |
| Patching | Patch Tuesday, auto-update | OEM-approved only, pre-tested, never mid-voyage |
| Incident response | Call the SOC | ETO-executable, no internet required, safety-first shutdown |
| Regulations | GDPR, SOC 2, ISO 27001 | IACS E26/E27, IMO MSC-FAL.1, IEC 62443, BIMCO v4 |
| Vessel types | Any & all (generic) | Cruise ships, superyachts, bulk, container, offshore |
We invite you to check everything
Every section reference in every TAGSIA playbook is traceable to its source regulation. Every §4.2.3 maps to IACS UR E26 Rev.1. Every ISM Code reference maps to the current consolidated text. If you find an error — a wrong section number, an outdated requirement, a procedure that won’t work in practice — contact us and it will be corrected within 24 hours.
Everything is free with a registered account.
Whether you’re building to Class or hardening an existing vessel — register free and access all playbooks, both assessment tools, the vault forms, and the intelligence feed.
