As the IMO’s Maritime Safety Committee 98 has confirmed that cyber risks should be managed under the ISM Code, the North of England P&I Club urges operators to act without delay, to ensure that cyber risks are addressed in their safety management systems, in order to identify vulnerabilities and to achieve safeguard against these risks.
The authorities in many countries have been concerned over the vulnerability of shipping to cyber risks for some time and have been encouraging voluntary adoption of cyber risk management practices. This latest development leaves ship-owners with no option, but to address cyber risks through their SMS.
Resolution MSC.428(98)affirms that an approved safety management system should take into account cyber risk management and encourages Administrations to ensure that cyber risks are appropriately addressed in safety management systems, no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.
However, the prospect of dealing with cyber security will be daunting for many shipping companies, according to the Club. It’s new, involves things that may not be fully understood, and most of shippers are not likely to have received any formal training in such risks.
What is a definite plus is that shipping companies will be very familiar with the risk management framework suggested by the IMO Guidelines on Cyber Risk Management and industry Guidelines on Cyber Security Onboard Ships.
Act Now 2021 is not far away. Cyber risks can affect almost every part of a shipping company. There will be lots to do to identify risks and vulnerabilities and to take steps to safeguard against these risks. Don’t delay, act now.
