Shipping organisations has recenlty launched a set of guidelines to help the global shipping industry prevent major safety, environmental and commercial issues that could result from a cyber incident onboard a ship.
BIMCO, CLIA, ICS, INTERCARGO and INTERTANKO have jointly produced guidelines on cyber security onboard ships to offer guidance to shipowners and operators on how to assess their operations and put in place the necessary procedures and actions to maintain the security
of cyber systems onboard their ships.
Company plans and procedures for cyber risk management should be seen as complementary
to existing security and safety risk management requirements contained in the International
Safety Management Code (ISM) Code and the International Ship and Port Facility Security
(ISPS) Code.
Cyber security should be considered at all levels of the company, from senior
management ashore to crew on board, as an inherent part of the safety and security culture
necessary for safe and efficient ship operations.
The Guidelines are designed to develop understanding and awareness of key aspects of cyber
security. The Guidelines are not intended to provide a basis for auditing or vetting the individual
approach to cyber security taken by companies and ships.
Existing international standards and guidelines cover cyber security issues for shoreside
operations – whereas these Guidelines focus on the unique issues facing the shipping industry
onboard ships.
The measures to lower cyber security risks include:
- How to raise awareness of the safety, security and commercial risks for shipping
companies if no cyber security measures are in place; - How to protect shipboard OT and IT infrastructure and connected equipment;
- How to manage users, ensuring appropriate access to necessary information;
- How to protect data used onboard ships, according to its level of sensitivity;
- How to authorise administrator privileges for users, including during maintenance and
support on board or via remote link; and - How to protect data being communicated between the ship and the shore side.
The following infographic which is included in the paper sets out key items to raise Cyber Security Awareness
Further details may be found by reading the Guidelines
This issue may be extended to port facilities