Developing standards and guidelines to address the cyber security issues
It has been announced that the Round Table of international shipping associations (RT) comprising BIMCO, ICS, Intercargo and INTERTANKO are developing standards and guidelines to address the major cyber security issues faced by the shipping industry.
Protection against malicious attacks on computer based systems onboard ships is now hitting the top of the agenda for shipping organisations in all corners of the world. The International Maritime Organization (IMO) has already heard calls for action and the insurance industry repeatedly lists the issue as one for concern. The Round Table has made a submission to the IMO on this vital issue outlining the steps taken by the industry to address any vulnerabilities.
The vulnerabilities can be numerous and the threats imminent - the question of protection is a complex set of issues and not just about operating a firewall on a ship or installing virus scanning software on the onboard computers. All of the major systems on a modern ship are controlled and monitored by software; these include the main engine, steering and navigation systems, and the ballast water and cargo handling equipment.
To address this problem and help the industry to protect itself against these risks, the RT is already working with industry partners on a number of complementary projects to develop standards and guidelines to address the cyber security issues.
This guidance to ship owners and operators includes how to:
The RT (through BIMCO) and CIRM (Comité International Radio-Maritime) are also in the final phase of developing a standard for the maintenance and update of programmable electronic systems.
These programs are all interrelated and address how industry stakeholders should develop, manage, update and secure computer-based systems onboard ships. Coordination between these programmes is therefore essential and recognised by the participating organisations.
Angus Frew, Secretary General of BIMCO, said:
"The Round Table representing the global shipping industry is taking cyber security seriously.
"The standards under development are intended to enable equipment manufacturers, service personnel, yards, owners & operators, as well as crew, to ensure their shipboard computer-based systems are managed securely - and kept up-to-date to protect against the ever-growing threat from exploitation by criminals."