CISO Unlocked #1: A conversation with Simone Fortin, CISO @ MSC Cruises

News

02 / 09 / 2025

7 mins read

At Forestay, we view Cybersecurity as a core investment pillar. In a world of accelerating AI adoption and ever-evolving threats, safeguarding digital assets is mission-critical — offering both risk mitigation and exceptional growth potential.

To better understand the role Cybersecurity plays within large enterprises, we’ve launched a series of conversations with CISOs and security leaders, sharing their journeys and insights from the frontlines of cyber defense.

This first conversation features the perspectives of Simone Fortin, CISO at MSC Cruises, the global leader in cruise lines.

Labinot Brahimi: From a cybersecurity perspective, how much of a pivotal moment are organizations facing with AI vs. the previous technological shift with the cloud?

Simone Fortin: AI is ushering in a far more disruptive transformation than what we experienced with the adoption of cloud technology. While the cloud revolutionized infrastructure, scalability, and accessibility, AI fundamentally challenges core concepts such as trust, autonomy, and data integrity.

For MSC Cruises, the implications of AI are particularly profound due to the inherent complexity of maritime operations and the diverse, often stringent, global regulatory environments in which the company operates. AI’s influence extends across critical areas — from advanced threat detection to navigation systems — raising the stakes for both safety and compliance. Moreover, the rapid and unpredictable evolution of AI technologies requires organizations like MSC Cruises to move beyond what was required during the cloud transition, and embrace proactive governance, continuous monitoring and adaptation.

This ongoing shift means that staying ahead is not just about adopting new tools, but about fundamentally rethinking processes and responsibilities across the enterprise.

Labinot Brahimi: AI – across ML, generative, and agentic – is having a real impact inside many enterprises. What specific measures do you take to ensure AI innovation aligns with your organization’s cybersecurity risk posture?

Simone Fortin: We have embedded comprehensive AI risk assessments within our secure-by-design framework, ensuring we apply strict data governance over AI training pipelines (i.e., every stage of AI development and deployment is governed by rigorous data management).

Each AI use case — whether generative or predictive — is systematically evaluated from a cybersecurity perspective, focusing on model integrity, input validation, and the prevention of potential misuse. Our approach includes strict oversight of AI training pipelines to safeguard sensitive data and maintain transparency. Additionally, we ensure continuous alignment with Privacy, PCI, NIS2 (EU directive) and IMO (International Maritime Organization) cybersecurity regulations, so that AI innovations do not compromise vessel safety or regulatory compliance. This proactive governance enables us to foster responsible AI innovation while upholding the highest standards of security and operational integrity.

Labinot Brahimi: How will AI technology be helpful to security teams? Can you describe one or two specific workflows where AI has meaningfully augmented your security analysts’ day-to-day tasks?

Simone Fortin: AI plays a significant role in elevating the effectiveness of our SOC (Security Operations Center). By leveraging advanced anomaly detection models, we can proactively identify unusual patterns in crew behavior or OT (operational technology) network activity that may signal insider threats or lateral movement within our systems. This early warning capability helps prevent potential security breaches before they escalate.

Additionally, we have integrated LLM-powered copilots to support Tier 1 analysts by automatically summarizing alerts, recommending appropriate triage actions, and significantly reducing mean time to respond (MTTR). These AI-driven tools not only streamline routine tasks but also empower our security team to shift their focus from reactive incident response to proactive, strategic threat hunting.

This transformation enhances our overall security posture, enabling faster detection and mitigation of sophisticated cyber threats in a complex maritime environment.

Labinot Brahimi: How has the AI shift reshaped threat vectors specific to the maritime/shipping operations industry?

Simone Fortin: The rapid evolution of AI has fundamentally altered the threat landscape for maritime organizations. Adversaries now leverage AI to automate reconnaissance activities against maritime systems, enabling them to map out vulnerabilities and potential entry points with unprecedented speed and precision. One pragmatic example is the generation of polymorphic phishing campaigns, which dynamically adapt to target port and crew communications, making these attacks harder to detect. Additionally, AI accelerates the discovery of vulnerabilities in OT vendor products, increasing the risk of exploitation before patches can be applied.

At MSC Cruises, we have observed a marked increase in AI-enhanced social engineering attempts directed toward our ashore and onboard staff, where attackers use sophisticated tactics to manipulate or deceive personnel. This evolving threat environment necessitates the deployment of advanced detection capabilities and the implementation of robust digital identity validation measures across both our fleet and shore-based operations, ensuring that security keeps pace with the sophistication of AI-driven attacks.

Labinot Brahimi: What are the top 3 developments you expect to impact AI-driven security in the next 12–24 months, and how might they affect day-to-day defense practices?

Simone Fortin: I believe that there are three pivotal trends reshaping AI-driven cybersecurity, and that will demand new approaches to risk management, operational resilience, and regulatory compliance:

1. Adversarial AI: Threat actors using generative AI to bypass defenses

2. Autonomous SOCs: Growing reliance on AI for autonomous triage and response

3. Regulatory Pressure: EU AI Act and IMO cyber mandates will enforce stronger AI governance

These developments will drive the adoption of AI explainability, continuous real-time model monitoring, and more robust incident attribution protocols across increasingly complex hybrid (maritime) environments.

Labinot Brahimi: What critical security pain point still lacks an effective AI solution today, and what would an ideal AI capability to address it look like?

Simone Fortin: Current AI tools face significant limitations when it comes to real-time threat correlation across hybrid IT and OT environments, particularly in maritime settings where connectivity is often unreliable or intermittent.

At sea, the challenge is compounded by the need to integrate diverse data streams — from shipboard sensors and OT systems to satellite communications and SOC telemetry. The ideal solution would be a context-aware AI engine capable of autonomously fusing these disparate data sources, enabling it to detect, analyze, and prioritize threats even during periods of disconnection from shore-based networks. Such an engine would bridge the latency and visibility gaps that are unique to maritime operations, ensuring that critical security events are not missed due to connectivity issues.

About Forestay: Founded in 2018, Forestay is an early-growth Enterprise AI technology fund focused on investing across Europe, Israel and East coast of the US. Forestay is an investment partnership of B-FLEXION, a private entrepreneurial investment firm. If you are building in cyber, we’d love to hear from you. Please reach out to labinot@forestay.vc or contact@forestay.vc

About MSC Cruises: Headquartered in Geneva, Switzerland, MSC Cruises is part of MSC Group, the leading privately held Swiss-based shipping and logistics conglomerate with over 300 years of maritime heritage. MSC Cruises employs over 30,000 staff globally and sell cruise holidays in more than 100 countries, positioning the company as one of largest cruise brand in the world. Learn more at: www.msccruises.com

About Simone Fortin: Simone Fortin is a seasoned cybersecurity leader, currently serving as Chief Information Security Officer and Global Head of Cybersecurity at MSC Cruises since July 2018. Prior to this, Simone co-founded Horizon Security in 2012, a cybersecurity consulting firm. His background also includes senior management roles at PwC and Accenture, overseeing cybersecurity and infrastructure for international clients. He holds a Master in Law in Privacy, Cybersecurity, and Data Management from Maastricht University, and an Executive-in-Residence Fellowship in Global Cyber Security Policy from the Geneva Centre for Security Policy and a MBA from Hult International Business School.

Written by Labinot Brahimi

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.