IMO has issued guidelines on how to enhance maritime cyber security. The guidelines conclude the work to address cyber risks should start at senior managerial level and should include the following steps:
1. Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations.
2. Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations.
3. Detect: Develop and implement activities necessary to detect a cyber-event in a timely manner.
4. Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event.
5. Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.
Members are also referred to the guidelines issued by Intercargo and other shipping organisations which the Club reported on in a Member Alert from 5 July 2017.
IMO-MSC-FAL.1_Circ.3-GUIDELINES-ON-MARITIME-CYBER-RISK-MANAGEMENT.pdf
Member Alert is published by The Swedish Club as a service to members. While the information is believed correct, the Club cannot assume responsibility for completeness or accuracy.