For the latest news, updates and advice on COVID-19 click here

Cookies on this site

This site uses cookies to store information on your computer. By using our site you accept the terms of our Privacy Policy

Accept and close
Emergency Number +44 7932 113573



News: USCG guidance on Cyber Risk Management

17 November 2020

As highlighted in the club's recent guidance, available on the right, cyber risk management needs to be implemented in safety management systems (SMS) by the first International Safety Management (ISM) Document of Compliance (DOC) verification after 1 January 2021.​

In an effort to address cyber threats in the maritime sector, the United States Coast Guard (USCG) has issued a work instruction (CVC-WI-027) to provide guidance to Coast Guard Marine Inspectors and Port State Control Officers for assessing cyber hygiene onboard applicable vessels, as well as compliance options if deficiencies are noted.
The USCG previously published a Marine Safety Information Bulletin (MSIB 19-20) to highlight recent cyber events involving increasingly sophisticated malicious email spoofing techniques, and MSIB 18-20 as an advisory on the urgent need to protect operational technologies and control systems. Specifically, the USCG advises that while advances in systems and technologies can improve the efficiency and scope of operations, there is a heightened risk of increased threats posed by malicious actors. These cyber actors have demonstrated a willingness to conduct malevolent activity against maritime critical infrastructure by exploiting internet-accessible operational technology (OT) assets.
For further reference, members are recommended to refer to USCG Navigation and Vessel Inspection Circular (NVIC 1-20) on ‘Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities.’