Page 19 - INTERCARGO - Annual Review 2019/2020
P. 19

Cyber Risks









                                                             Industry Guidelines


                                                             INTERCARGO is involved in the development of the Indus-
                                                             try Guidelines on Cyber Security Onboard Ships, first pub-
                                                             lished in 2016. Version 4 of the Guidelines is expected to be
                                                             published by the end of 2020, and by continuing to partic-
                                                             ipate in the work of the joint industry working group, com-
                                                             ments from INTERCARGO Members have shaped the draft-
                                                             ing and review of this important resource.

                                                             The Industry Guidelines are designed to develop under-
                                                             standing and awareness of key aspects of cyber security
                                                             and cyber safety. They focus on distinctive issues onboard
                                                             ships and assume a high level of commitment from the com-
                                                             pany ashore.
                                                             The  International  Association  for  Classification  Societies
                                                             (IACS) issued its own guidance, ‘Recommendation on Cy-
                                                             ber Resilience (No. 166)’.  The IACS recommendation ap-
                                                             plies to new build ships only and can also serve as guidance
                                                             for existing ships on the use of computer-based systems
                                                             which provide control, alarm, monitoring, safety or internal
                                                             communication functions. IACS is expected to develop sev-
                                                             eral sets of Unified Requirements on cyber resilience to ap-
                                                             ply to ship new buildings.


                                                             IMO Requirements



                                                             The International Maritime Organization (IMO) adopted a
                                                             resolution, ‘Maritime Cyber Risk Management in Safety
                                                             Management Systems (res MSC.428(98)’, in June 2017. The
                                                             resolution encourages Flag States to ensure that cyber risks
                                                             are appropriately addressed in the existing Safety Manage-
                                                             ment Systems (SMS) of a shipping company by 1 January
                                                             2021.
                                                             Ship  safety  and  security  cannot  be  separated,  and  both
                                                             are complementary to safety and security management
                                                             practices. Cyber risk is a security issue but also falls un-
                                                             der ship safety management. Maritime cyber risk manage-
                                                             ment should be reflected by appropriate cyber risk manage-
                                                             ment procedures in the SMS of the company. At the same
                                                             time, the physical security aspects of cybersecurity should
                                                             be addressed in the Ship Security Plan (SSP).





          For more information on this topic please visit:
          intercargo.org/topics/cyberisks


                                                                                                           19
   14   15   16   17   18   19   20   21   22   23   24