Cookies help us deliver the best experience on our website. By using our website, you agree to our use of cookies Dismiss

BIMCO publishes latest edition of cyber risk management guidelines

The fourth edition of the industry cyber risk management guidelines, Guidelines on Cybersecurity Onboard Ships is now available and lays the foundation for further improvements and refinement of companies’ cyber security risk assessments.

The version 4 of the cybersecurity guidelines is published at a time when shipowners and ship managers are faced with a requirement to implement cyber risk management in their safety management systems (SMS) by the time of their first Document of Compliance audit after 1 January 2021. While the previous version (version 3 dated November 2018) offered the necessary guidance for the initial work of implementing cyber risk management in the SMS, the new version contains several improvements.

“In recent years, the industry has been subjected to several significant incidents which have had a severe financial impact on the affected companies,” said Dirk Fry, chair of BIMCO’s cybersecurity working group and director of Columbia Ship Management.

“While these incidents have had little or no safety impact, they have taught us some very important lessons which have been incorporated into the new version of the guidelines,” he added.

The fourth version contains general updates to best practises in the field of cyber risk management, and as a key feature, includes a section with improved guidance on the concept of risk and risk management. The improved risk model takes into consideration the threat as the product of capability, opportunity, and intent, and explains the likelihood of a cyber incident as the product of vulnerability and threat. The improved risk model offers explanation as to why still relatively few safety-related incidents have unfolded in the maritime industry, but also why this should not be misinterpreted and make shipping companies lower their guard.

”With the increased connection of devices and systems to the internet, more opportunities will present themselves and more vulnerabilities in need of safeguarding will emerge in the future.

“Cybersecurity is an arms race between the attackers and the defenders, where the attacker has the luxury of first choice of weapon. Because we can never be 100 per cent secure in such circumstances, we must extract all the learnings we can from past events. We should be capable of quickly recovering from incidents because we know they will most likely occur at some point. Drawing on the most recent experiences from the industry and beyond, the new version of the guidelines will help us achieve just that.”

Related items

Joomla SEF URLs by Artio

Login/Register

Register or Login to view even more of our content. Basic registration is free.

Register now

Digital Ship magazine provides the latest information about maritime satellite communications technology, software systems, navigation technology, computer networks, data management and TMSA. It is published ten times a year.

 

Address:
Digital Ship Ltd
Digital Ship - Digital Energy Journal
39-41 North Road
London
N7 9DP
United Kingdom

Copyright © 2020 Digital Ship Ltd. All rights reserved           Cookie Policy         Privacy Policy

x