Subscribe to our Mailing Lists (It's free!)
Thursday, August 11, 2022
SAFETY4SEA
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    recaap isc

    ReCAAP ISC: Four incidents of armed robbery against ships in Asia

    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    monkeypox

    WHO: Monkeypox is a Public Health Emergency of International Concern

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

    combination vessel rotor sail

    Combination vessel to be retrofitted with rotor sail system

    oil spill Terrebonne Bay

    Oil spill in Terrebonne Bay after storage tank collapses

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    cyprus shipping

    Cyprus to accelerate digitalization for shipping

    hapag lloyd

    Hapag-Lloyd to track containers in real time

    avikus

    South Korean companies to use autonomous navigation technologies

    wan hai lines

    Wan Hai names three smart containerships

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    uk mca ships detentions

    Seven new foreign flagged ships detained in UK ports during July 2022

    indonesia coal exports ban

    Indonesia to impose more coal export bans

    black sea mou cic stcw

    Black Sea MoU announces PSC Concentrated Inspection Campaign on STCW

    amsa psc annual report 2021

    AMSA PSC Annual Report 2021

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    audits

    Amendment in standard for bodies providing audits and certification of information security management systems

    nautical institute

    Nautical Institute Singapore Conference 2022 reveals speaker line-up

    ports congestion

    FMC Commissioner: US ports congestion result of lack of accountability

    wood cargo ashore

    Watch: Wood cargo washed ashore after falling from cargo ship

  • Columns
    undewater noise

    Port of Vancouver: Slowing ships down supports healthier ecosystems

    human sustainability

    Wilhelmsen: Competence is vital for industry’s sustainability

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
  • Home
  • Safety
    • All
    • Accidents
    • Alerts
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
    recaap isc

    ReCAAP ISC: Four incidents of armed robbery against ships in Asia

    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    monkeypox

    WHO: Monkeypox is a Public Health Emergency of International Concern

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

  • Green
    • All
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
    uk ballast laws

    UK: New law restricts ships discharge of ballast water

    Bunker fuel contamination

    UK Club: Bunker fuel contamination cases on the rise

    combination vessel rotor sail

    Combination vessel to be retrofitted with rotor sail system

    oil spill Terrebonne Bay

    Oil spill in Terrebonne Bay after storage tank collapses

  • Smart
    • All
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
    cyprus shipping

    Cyprus to accelerate digitalization for shipping

    hapag lloyd

    Hapag-Lloyd to track containers in real time

    avikus

    South Korean companies to use autonomous navigation technologies

    wan hai lines

    Wan Hai names three smart containerships

  • Risk
    • All
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    uk mca ships detentions

    Seven new foreign flagged ships detained in UK ports during July 2022

    indonesia coal exports ban

    Indonesia to impose more coal export bans

    black sea mou cic stcw

    Black Sea MoU announces PSC Concentrated Inspection Campaign on STCW

    amsa psc annual report 2021

    AMSA PSC Annual Report 2021

  • Others
    • All
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
    audits

    Amendment in standard for bodies providing audits and certification of information security management systems

    nautical institute

    Nautical Institute Singapore Conference 2022 reveals speaker line-up

    ports congestion

    FMC Commissioner: US ports congestion result of lack of accountability

    wood cargo ashore

    Watch: Wood cargo washed ashore after falling from cargo ship

  • Columns
    undewater noise

    Port of Vancouver: Slowing ships down supports healthier ecosystems

    human sustainability

    Wilhelmsen: Competence is vital for industry’s sustainability

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    WEF: Decarbonization offers opportunities for new green jobs and trade transition

    Trending Tags

    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Resilience
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus
No Result
View All Result
SAFETY4SEA

USCG: Guidance for cyber risk management under ISM

by The Editorial Team
November 3, 2020
in Cyber Security
cyber threats

Credits: Shutterstock

FacebookTwitterEmailLinkedin

The US Coast Guard Office of Commercial Vessel Compliance issued cyber risk management guidance for USCG Marine Inspectors and Port State Control Officers. Cyber risk management must be implemented into vessel safety management systems by the first ISM Document of Compliance verification after January 1, 2021.

The Work Instruction CVC-WI-027, “Vessel Cyber Risk Management” provides guidance to inspectors and officers for assessing cyber hygiene onboard applicable vessels, as well as compliance options if deficiencies are noted.

 

Guidance for assessing cyber security onboard a vessel subject to the ISM Code

RelatedNews

University of Plymouth, BMT collaborate to improve cyber security in maritime

How to know if you have been hacked and what to do about it

During the course of a normal inspection/examination, the MI/PSCO should evaluate whether or not a cybersecurity event was a factor in the failure of a system required for the safe navigation or operation of the vessel.

“Example: While aboard a ship for a PSC exam the 2nd Officer explains that the ECDIS is not operational after a recent electronic chart update. The PSCO asks the 2nd Officer what is the procedure to update the ECDIS? The 2nd Officer explains that the ECDIS is updated via a flash drive loaded with updates from a shipboard computer (this scenario continues throughout the work instruction)”.

Up to this point, the PSCO is still trying to determine why a piece of equipment required for the safe navigation of the vessel is not operating properly. SOLAS Regulation V/27 requires all nautical charts necessary for the intended voyage shall be adequate and up to date. Since the ECDIS is not operational, the applicable SOLAS Regulation is not met.

“Example continued: The PSCO continues by querying the 2nd Officer if the flash drive was scanned for viruses/malware prior to connecting to the ECDIS, and they state “no.” At this point, poor cyber hygiene may have occurred and the PSCO has established clear grounds to conduct a more detail exam including the cyber risk management portion of the SMS”.

 

Deficiencies

If objective evidence is identified indicating that the vessel failed to implement its SMS with respect to cyber risk management, the MI/PSCO should direct the vessel to take the following actions:

a. For US vessels:

  1. MIs should follow the guidance in reference (k) which sets forth guidance for assessing the effectiveness of a company’s SMS on US flag vessels

b. For foreign vessels:

  1. If cyber risk management has not been incorporated into the vessel’s SMS by the company’s first annual verification of the DOC after January 1, 2021, a deficiency should be issued with action code 30 – Ship Detained, with the requirement of an external audit within 3 months or prior to returning to a US port after sailing foreign.
  2. When objective evidence indicates that the vessel failed to implement its SMS with respect to cyber risk management, then the PSCO should issue a deficiency for both the operational deficiency and an ISM deficiency with an action code 17 – Rectify Prior to Departure and require the vessel to conduct an internal audit, focused on the vessel’s cyber risk management, within 3 months or, prior to returning to a US port after sailing foreign.
  3. When objective evidence indicates there is a serious failure to implement the SMS with respect to cyber risk management that directly resulted in a cybersecurity incident impacting ship operations (e.g. diminished vessel safety/security, or posed increased risk to the environment), after gaining concurrence from the OCMI, the PSCO should issue a deficiency for both the operational deficiency and an ISM deficiency with action code 30 – Ship Detained with the requirement of an external audit within 3 months or prior to returning to a US port after sailing foreign.

c. With the exception of US vessels described in a.1 above, deficiencies issued with respect to ISM and cybersecurity should be assigned deficiency code 15113 (Other ISM) on the respective deficiency form (PSC Form B) and entered into MISLE marked “Worklist Item/Do Not Show in PSIX” and include the word ‘CYBERSECURITY-ISM’ at the beginning to aid with data analysis.

 

Tags: cyber securityISM Coderegulatory updatesafety management systemssmUSCG

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

audits

Amendment in standard for bodies providing audits and certification of information security management systems

August 10, 2022
nautical institute

Nautical Institute Singapore Conference 2022 reveals speaker line-up

August 10, 2022
MARITIME EVENTS

RISK4SEA Facts

Did you know that Panamax had an increase in detentions in Paris MoU? 25% increase in detentions within 2020 vs. Last3Y.

Learn more risk4sea.com

Explore

  • Safety
  • Green
  • Smart
  • Risk
  • Others
  • Events
  • Plus

Useful Links

  • About
  • Disclaimer
  • Editorial Policies
  • Advertising
  • Contact

© 2021 SAFETY4SEA

No Result
View All Result
  • Safety
    • Alerts
    • Accidents
    • Loss Prevention
    • Maritime Health
    • Regulation
    • Safety
    • Seafarers
    • Security
  • Green
    • Arctic
    • Ballast
    • Emissions
    • Fuels
    • Green Shipping
    • Pollution
    • Ship Recycling
    • Technology
  • Smart
    • Connectivity
    • Cyber Security
    • E-navigation
    • Energy Efficiency
    • Maritime Software
    • Smart
  • Risk
    • CIC
    • Detentions
    • Fines
    • PSC Focus
    • Vetting
  • Others
    • Diversity in shipping
    • Maritime Knowledge
    • Offshore
    • Ports
    • Reports
    • Shipping
    • Sustainability
    • Videos
  • Columns
    • Opinions
    • Career Paths
    • Industry Voices
    • Maripedia
    • Maritime History
    • Seafarers Stories
    • SeaSense
  • Events
  • Plus

© 2021 SAFETY4SEA

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Disclaimer.