Subscribe to our Mailing Lists (It's free!)
Thursday, May 19, 2022
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    itf fishers

    ITF targets UK visa system in report about exploitation of fishers

    robbery callao anchorage

    Robbery at ship at Callao anchorage, Peru

    steep accommodation ladder

    Lessons learned: Steep accommodation ladder can be a safety hazard

    welfare charity for shipping

    Welfare charity announces multimillion pound grant scheme for shipping

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    vehicle terminal powered by renewable energy

    Vehicle terminal powered by renewable energy launched in Yokohama

    eu ets

    WSC: EU ETS revision on the right path, but more improvements are needed

    peru oil spill

    Peru files $4.5bn lawsuit against six companies after January oil spill

    scorpio tankers

    Asian Shipowners’ Association: Need for early entry into force of the Hong Kong Convention

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    bimco software maintenance

    BIMCO, partners to present software maintenance submission to IMO

    emsa drones

    EMSA drones to offer Denmark maritime surveillance

    TotalEnergies launches global drone-based methane and CO2 detection campaign

    TotalEnergies launches global drone-based methane and CO2 detection campaign

    remote offshore inspections

    Demonstration shows capability of drones to conduct remote offshore inspections

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    New Shanghai lockdown creates fears over supply chain disruption

    PSC Focus: Key highlights for containers (CY 2021)

    Malaysia crew change

    Identifying Challenging Ports: Key factors for consideration

    tokyo mou cic

    Tokyo MoU Remote Inspections : Lessons Learned

    PSC Focus: Deficiency Code Ranking and Spread

    PSC Focus: Deficiency Code Ranking and Spread

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    ics covid 19 impact

    ICS report analyzes impact of COVID-19 on shipping and seafarers

    jolly nero

    Book Review: How Jolly Nero aspires to lead to diligent pilotage

    merging plan

    Xeneta: Long-term reefer rates soar to all-time highs on US West Coast to Far East trades

    Malaysia crew change

    Identifying Challenging Ports: Key factors for consideration

  • Columns
    Poseidon Principles for Marine Insurance

    Poseidon Principles for Marine Insurance

    Career Paths: Catarina Fant, Wasaline

    Career Paths: Päivi Brunou, Wärtsilä Voyage 

    Career Paths: Catarina Fant, Wasaline

    Career Paths: Catarina Fant, Wasaline

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    itf fishers

    ITF targets UK visa system in report about exploitation of fishers

    robbery callao anchorage

    Robbery at ship at Callao anchorage, Peru

    steep accommodation ladder

    Lessons learned: Steep accommodation ladder can be a safety hazard

    welfare charity for shipping

    Welfare charity announces multimillion pound grant scheme for shipping

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    vehicle terminal powered by renewable energy

    Vehicle terminal powered by renewable energy launched in Yokohama

    eu ets

    WSC: EU ETS revision on the right path, but more improvements are needed

    peru oil spill

    Peru files $4.5bn lawsuit against six companies after January oil spill

    scorpio tankers

    Asian Shipowners’ Association: Need for early entry into force of the Hong Kong Convention

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    bimco software maintenance

    BIMCO, partners to present software maintenance submission to IMO

    emsa drones

    EMSA drones to offer Denmark maritime surveillance

    TotalEnergies launches global drone-based methane and CO2 detection campaign

    TotalEnergies launches global drone-based methane and CO2 detection campaign

    remote offshore inspections

    Demonstration shows capability of drones to conduct remote offshore inspections

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    New Shanghai lockdown creates fears over supply chain disruption

    PSC Focus: Key highlights for containers (CY 2021)

    Malaysia crew change

    Identifying Challenging Ports: Key factors for consideration

    tokyo mou cic

    Tokyo MoU Remote Inspections : Lessons Learned

    PSC Focus: Deficiency Code Ranking and Spread

    PSC Focus: Deficiency Code Ranking and Spread

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    ics covid 19 impact

    ICS report analyzes impact of COVID-19 on shipping and seafarers

    jolly nero

    Book Review: How Jolly Nero aspires to lead to diligent pilotage

    merging plan

    Xeneta: Long-term reefer rates soar to all-time highs on US West Coast to Far East trades

    Malaysia crew change

    Identifying Challenging Ports: Key factors for consideration

  • Columns
    Poseidon Principles for Marine Insurance

    Poseidon Principles for Marine Insurance

    Career Paths: Catarina Fant, Wasaline

    Career Paths: Päivi Brunou, Wärtsilä Voyage 

    Career Paths: Catarina Fant, Wasaline

    Career Paths: Catarina Fant, Wasaline

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

How IMO addresses cyber risk: An overview

by The Editorial Team
January 14, 2020
in Cyber Security, Smart
How IMO addresses cyber risk: An overview
FacebookTwitterEmailLinkedin

The era of digitalization and rapid development of technologies in the maritime sector has called for immediate action, for the protection of the seafarers and the whole industry, which led the International Maritime Organization (IMO) to issue and implement a series of regulations and guidelines on cyber risk management, with, last but not least, the adoption of the Resolution MSC.428(98). This resolution calls companies to report any cyber risk in their ISM Code no later than January 1, 2021. Yet, keeping in mind that cyber risk is a ‘new’ challenge the industry led eyes on, how did the landscape of cyber regulations evolve the past years?

According to the IMO, ​maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.

To begin with, in an exclusive interview with SAFETY4SEA, Mrs. Cynthia Hudson, CEO, Hudson Analytix has highlighted that any system which is digitally enabled is vulnerable to cyber-attacks, while these days nearly all systems that are connected are vulnerable, and as the shipping environment is being shaped upon the digital world, companies and all shipping stakeholders seem more vulnerable and exposed.

Cyber risk is a crucial barrier to the shipping industry, with attacks taking place more often than in the past, and shipping companies taking measures to deal with them and be protected, as an attack can cause major disruptions to operations.

Referring to the importance of cyber security nowadays, Mr. Chronis Kapalidis, Cyber Expert, HudsonAnalytix, speaking during the 2019 Hellenic American Maritime Forum stated that

RelatedNews

BIMCO, partners to present software maintenance submission to IMO

EMSA drones to offer Denmark maritime surveillance

Cyber security has been over the last years the first non-natural threat to the global risk landscape according to the World Economic Forum. This is only going to get worse because of rising cyber dependency. Everything that we do has a cyber element.

Therefore, taking into consideration the impact of cyber-attacks, the cost and time-loss to resolve operations a shipping stakeholder has to deal with, the International Maritime Organization focused on publishing a series of guidelines to help the industry cope with cyber challenges and boost their cyber risk management.

How it all started

It should be highlighted that except the IMO, additional shipping associations and classes have launched guidance and standards to assist the industry dealing with cyber risk.

#1 June 2016 –MSC.1/Circ. 1526

As the shipping industry had to deal with more and more cyber threats and risks, the Maritime Safety Committee approved, during its 96th session, the “Interim guidelines on maritime cyber risk management”.

These Guidelines set the base for dealing with cyber risks, including recommendations to safeguard shipping from current and emerging cyberthreats and vulnerabilities.

#2 June 2017 –MSC.428(98)

During the 98th session, the Maritime Safety Committee stated that all companies should include in their approved SMS the cyber risk management according with the objectives and functional requirements of the ISM Code.

The Resolution includes further recommendations as well, which can be summarized as following:

  • Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations.
  • Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations.
  • Detect: Develop and implement activities necessary to detect a cyber event in a timely manner.
  • Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event.
  • Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.

#3 July 2017 – MSC-FAL.1/Circ.3

In the 98th session, the MSC approved the Guidelines on maritime cyber risk management, with the guidelines referring to ship owners to be used as guidelines but remain non-compulsory.

A wind of change after 2020

By 2020 shipping companies will be required to assess their risk exposure and develop measures to include in their Safety Management Systems to mitigate cyber threats.

The timeframe between 2020-2021 will be catalytic, as the IMO decided that no later than the annual verification of each company’s Document of Compliance, the 1st of January 2021, all shipping companies will be mandated to ensure that cyber risks are appropriately addressed in existing safety management systems (as defined in the ISM Code).

These guidelines provide recommendations and include functional elements that support effective cyber risk management. In addition, the recommendations can be included in existing risk management processes and are complementary to the safety and security management practices already established by IMO.

The above decision highlights the importance of reporting cyber risks, as it has been previously stated that under-reporting is a crucial threat to the maritime sector. Specifically, Be Cyber Aware at Sea in its July issue noted that there is a gap between the number of cyber-related incidents that occur in the maritime industry and the lower number that are being reported.

Also, IMO’s decision is a major step towards being ready and having a risk management approach under the possibility of a cyber-attack.

Applauding IMO’s decision, Mr Kapalidis has commented that

… when we talk about cyber security, it is not a matter of if you will be attacked but when. In order to deal with that, you should have a risk management approach on it and this what the IMO is introducing.

  Did you know?

People and planning are major steps for the utmost protection against a cyber attack:

  1. a) Norsk Hydro was cyber attacked, hit by the comparatively new LockerGoga virus at first, before spreading to its network encrypting files. In light of the incident, Per Martin Tanggaard, Director of Nor-Shipping, stated that this attack was a showcase of the increasing risk that maritime and ocean companies face.
  2. b) Mrs. Cynthia Hudson has advised that before an attack occurs:
  • Assess: Perform a cybersecurity capability assessment of your entire organization
  • Plan: Establish a cyber incident response (IR) plan.
  • Train: Incorporate cyber risks into tabletop exercises.
  • Integrate Plans: Data Loss Prevention (DLP), Disaster Recovery (DR) and Business Continuity Plans (BCP).
Tags: automationcyber incidentscyber riskcyber securitydigitalizationIMOIMO MSCMSCregulatory updatesafety measuresshipping industry

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

ics covid 19 impact

ICS report analyzes impact of COVID-19 on shipping and seafarers

May 19, 2022
vehicle terminal powered by renewable energy

Vehicle terminal powered by renewable energy launched in Yokohama

May 19, 2022
MARITIME EVENTS

Newsletter

GET THE SAFETY4SEA IN YOUR INBOX!

Explore

  • Safety
  • Green
  • Smart
  • Risk
  • Others
  • Events
  • Plus

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Alerts
    • Accidents
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.