News: New workbook on cyber security onboard ships
06 February 2020
BIMCO and the International Chamber of Shipping (ICS) have issued a new cyber security workbook with a view to support the master and officers on board ships in case of a potential cyber incident.
As technology continues to evolve, the associated risks grow, ranging from unauthorised access to malicious attacks to ships' systems and networks. Risks may also occur from personnel accessing systems on board, for example by introducing malware via removable media.
In this regard, the new 'Cyber Security Workbook for On Board Ship Use' provides several checklists of how to protect, detect, respond and recover from a cyber incident, and thereby offers a practical and easy to use guide for the master and the officers. The new workbook gives an explicit introduction to incorporating cyber security into the ship’s management system.
Jonathan Spremulli, Principal Director (Marine) at the International Chamber of Shipping said: 'Across the world the incidents and the risk of cyber-attack are on the increase. The maritime sector is not immune and there are steps that stakeholders including shipyards, shipowners and crews can take to help reduce exposure of ships to the potentially damaging consequences of cyber-attack. This practical, straightforward and easy to understand guide provides invaluable support to shipping companies, their masters and ship’s crews in implementing a robust cyber security risk management regime onboard ships.'
The club is continuously raising awareness to members on issues such as cyber security by issuing web alerts on regulatory and policy initiatives, such as the Guidelines on Cyber Security Onboard Ships which can be found in the link on the right.
Other guidance and standards
Members are advised to ensure that cyber risks are appropriately addressed in existing safety management systems (as defined in the ISM Code) no later than the first annual verification of the company's Document of Compliance after 1 January 2021. In this regard, the following additional sources may be useful:
- Guidelines on Cyber Security Onboard Ships issued by BIMCO, CLIA, ICS, INTERCARGO, INTERMANAGER, INTERTANKO, OCIMF, IUMI and WORLD SHIPPING COUNCIL
- ISO/IEC 27001 standard on Information technology – Security techniques – Information security management systems – Requirements. Published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC)
- United States National Institute of Standards and Technology's Framework for Improving Critical Infrastructure Cybersecurity (the NIST Framework)