The second edition of The Guidelines on Cyber Security Onboard Ships has been released. The latest practical advice has been compiled by the joint industry group, which is led by BIMCO and now includes new members OCIMF and IUMI, as well as the original contributors CLIA, ICS, INTERCARGO and INTERTANKO.
The second edition includes information on insurance issues and how to effectively segregate networks, as well as new practical advice on managing the ship to shore interface, and how to handle cyber security during port calls and when communicating with the shore side.
The chapters on ‘contingency planning’ and ‘responding to and recovering from cyber incidents’ have been rewritten to reflect the fact that the guidelines are aimed specifically at ships and the remote conditions prevailing if a ship’s defences have been breached.
The Guidelines on Cyber Security Onboard Ships have also been aligned with the recommendations given in the International Maritime Organization’s (IMO) Guidelines on cyber safety management which were adopted in June 2016.
A new subchapter on insurance has been added, looking at coverage after a cyber incident as this is an important part of the risk assessment which shipowners should now take into consideration. Finally, the Annex, which explains about networks, has been rewritten based on real experience of shipowners segregating networks on their ships.
Angus Frew, BIMCO Secretary General and CEO said:
“Cyber security is certainly a hot topic for all of us now, and this latest guidance includes valuable information, applying a risk based approach to all of the areas of concern, highlighting how an individual’s unwitting actions might expose their organisation.
The first version of the guidelines was well received by the industry and acknowledged by the IMO and we really do believe that the update offers the most comprehensive guidance for the shipping industry today.
In the light of recent events we urge everyone across the industry to download it – it’s available free of charge – and to consider the risk cybercrime may pose to their ships and operations. Ignorance is no longer an option, as we are all rapidly realising”.