Cyber safety is as significant as cyber security. Both have equal potential to affect the safety ofÂ onboard personnel, ships, and cargo. Cyber security is concerned with the protection of IT, OT andÂ data from unauthorised access, manipulation and disruption. Cyber safety covers the risks fromÂ the loss of availability or integrity of safety critical data and OT.
When incorporating cyber risk management into the company SMS, consideration should be givenÂ to whether, in addition to a generic risk assessment of the ships it operates, a particular shipÂ needs a specific risk assessment. The company should consider the need for a specific riskÂ assessment based on whether a particular ship is unique within their fleet. This should considerÂ factors, including but not limited to the extent to which IT and OT is used on board, the complexity
of system integration and the nature of operations.
TheÂ Guidelines on Cyber Security Onboard Ships second edition, includes information on insurance issues and how to effectively segregate networks, as well as new practical advice on managing the ship to shore interface, and how to handle cyber security during port calls and when communicating with the shore side.
The chapters on âcontingency planningâ and âresponding to and recovering from cyber incidentsâ have been rewritten to reflect the fact that the guidelines are aimed specifically at ships and the remote conditions prevailing if a shipâs defences have been breached.
The Guidelines on Cyber Security Onboard Ships have also been aligned with the recommendations given in the International Maritime Organizationâs (IMO) Guidelines on cyberÂ risk management which were adopted in June 2017.
A new subchapter on insurance has been added, looking at coverage after a cyber incident as this is an important part of the risk assessment which shipowners should now take into consideration. Finally, the Annex, which explains about networks, has been rewritten based on real experience of shipowners segregating networks on their ships.
Angus Frew, BIMCO Secretary General and CEO said:Â
Cyber security is certainly a hot topic for all of us now, and this latest guidance includes valuable information, applying a risk based approach to all of the areas of concern, highlighting how an individualâs unwitting actions might expose their organisation.
The first version of the guidelines was well received by the industry and acknowledged by the IMO and we really do believe that the update offers the most comprehensive guidance for the shipping industry today.
In the light of recent events we urge everyone across the industry to download it - it's available free of charge - and to consider the risk cybercrime may pose to their ships and operations. Ignorance is no longer an option, as we are all rapidly realising.
The Guidelines on Cyber Security Onboard Ships are available toÂ download. Click on below image.
The joint industry working group members are: BIMCO, Cruise Lines International Association (CLIA), International Chamber of Shipping (ICS), International Association of Dry Cargo Shipowners (INTERCARGO), International Association of Independent Tanker Owners (INTERTANKO), International Union of Maritime Insurance (IUMI) and Oil Companies International Marine Forum (OCIMF).
For more cyber-security related Guides and circulars, click here.