Page 19 - INTERCARGO - Annual Report_2021
P. 19
Cyber Risks
The International Maritime
Organization (IMO) adopted
a resolution, ‘Maritime Cyber
Risk Management in Safety
Management Systems (res
MSC.428(98)’, in June 2017.
The resolution encourages
Flag States to ensure that
cyber risks are appropriately
INTERCARGO continues to be involved in the development of
addressed in the existing Safety the Industry Guidelines on Cyber Security Onboard Ships, first
Management Systems (SMS) published in 2016. Version 4 of the Guidelines was published in
December 2020. The Industry Guidelines are designed to de-
of a shipping company no later velop understanding and awareness of key aspects of cyber
than the first annual verification security and cyber safety. They focus on distinctive issues on
board ships and assume a high level of commitment from the
of the company’s Document of company ashore. IMO issued circular MSC.1/Circ.1639 on 14
Compliance after 1 January 2021. June 2021 which drew the attention to the industry Guidelines,
v.4 when addressing cyber risks on ships, in accordance with
INTERCARGO members are the objectives and functional requirements of the ISM Code,
as encouraged by resolution MSC.428(98).
actively involved in supporting the
The International Association for Classification Societies
implementation of this resolution, (IACS) issued its own guidance, ‘Recommendation on Cy-
and regularly share experiences ber Resilience (No. 166)’ in May 2020. The IACS recommen-
dation applies to new build ships only and can also serve as
via the channels established by the guidance for existing ships on the use of computer-based
Association to assist members in systems which provide control, alarm, monitoring, safety or
internal communication functions.
complying with the relevant IMO
Since late 2020 INTERCARGO members have provided
requirements in the area of cyber feedback and comments on both the development process-
security. es and the following drafts of the IACS unified requirements:
• unified requirements for cyber resilience of new ships,
covering appropriate portions of Recommendation 166;
• unified requirements for cyber resilience of onboard
systems and equipment, the requirements to certify a
cyber system equipment used for essential and critical
systems on board, including design, requirements
for cyber resilience towards cyber threats, validation,
certification and change management of those cyber
systems;
• updated version of existing unified requirement about
onboard use and application of computer-based
systems (unified requirement E22), to improve and
clarify the requirements for the life cycle activities
of computer-based systems for both suppliers and
For more information on this topic please visit: system integrators.
intercargo.org/topics/cyberisks
17
