This website www.standard-club.com will be archived and no longer accessible from 2 September 2025. After this date, visitors will be automatically redirected to www.north-standard.com. Head to www.north-standard.com for information on our products and services, latest news and publications, contact details, vessel search, correspondents, digital tools and much more.
News: USCG guidance on Cyber Risk Management
News & Insights 17 November 2020
Cyber risk management needs to be implemented in safety management systems (SMS) by the first International Safety Management (ISM) Document of Compliance (DOC) verification after 1 January 2021
As highlighted in the club's recent guidance, available on the right, cyber risk management needs to be implemented in safety management systems (SMS) by the first International Safety Management (ISM) Document of Compliance (DOC) verification after 1 January 2021.
In an effort to address cyber threats in the maritime sector, the United States Coast Guard (USCG) has issued a work instruction (CVC-WI-027) to provide guidance to Coast Guard Marine Inspectors and Port State Control Officers for assessing cyber hygiene onboard applicable vessels, as well as compliance options if deficiencies are noted.
The USCG previously published a Marine Safety Information Bulletin (MSIB 19-20) to highlight recent cyber events involving increasingly sophisticated malicious email spoofing techniques, and MSIB 18-20 as an advisory on the urgent need to protect operational technologies and control systems. Specifically, the USCG advises that while advances in systems and technologies can improve the efficiency and scope of operations, there is a heightened risk of increased threats posed by malicious actors. These cyber actors have demonstrated a willingness to conduct malevolent activity against maritime critical infrastructure by exploiting internet-accessible operational technology (OT) assets.
For further reference, members are recommended to refer to USCG Navigation and Vessel Inspection Circular (NVIC 1-20) on ‘Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities.’
Category: Loss Prevention