What are the IMO cyber security guidelines? If you are one working in the maritime or know someone who does, you may want to know this.
Cyber security is vital to every sector. And that is also true for the maritime sector. Ships are in danger in the event of a cyberattack.
So, that is why the IMO or International Maritime Organization is making some moves. This is to ensure all those under them are safe from these attacks.
In this article, we will be talking about some brief detail about the IMO cyber security. If you are interested, read on to know more.
International Maritime Organization (IMO)
IMO is an agency by the United Nations.
Its main duty is to take measures to better the safety and security of international shipping. So, they make the standards to ensure this.
Also, they are the ones making sure there isn’t any pollution from ships. Overseeing all parts of worldwide shipping regulations. Like legal issues and shipping efficiency.
Here are some further details about the agency:
- make strategies and measures to keep the waterways clean
- its governing body meets every two years
- not the ones enforcing policies
- they are the only ones making the policies, and if the government accepts it, they will be the ones to enforce
As mentioned, they make the standards for the safety of international shipping. So, this includes cyber security.
Thus, the IMO made a cyber security guideline.
IMO Cyber Security
Cyber security in the shipping sector is lacking. That is why it poses a higher risk to the safety of the ship, crew, cargo, and shipowner.
Also, vessel operations have Operating Technology (OT) systems. These systems control onboard physical systems like ECDIS and ARPA.
It also controls the Information Technology (IT) systems. Which manages the data processing and communications.
Before, the OT and IT systems are separate. But now, more vessels are linking these two together via the internet. This is to update and patch the OT systems.
As a result, it can be more prone to viral or Malware infection. Which means a higher cyber security risk is present.
IMO sees a maritime cyber risk as an event that can cause shipping:
- operational failure
- safety failure
- security failure
All as a result of IT and OT systems being attacked, lost, or damaged.
So, to prevent this, the IMO made the Resolution MSC.428(98). Or the Maritime Cyber Risk Management in Safety Management Systems.
This encourages flag states to ensure they have proper control of cyber risks. And that their procedures are in the ISM Code Safety Management Systems (SMS).
Then, the IMO made a deadline of January 1, 2021, to fulfill this.
Cyber risk management means a process of these steps:
- knowing cyber risks
- assessing cyber risks
- reporting cyber risks
- minimizing cyber risks to ‘as low as reasonably practicable’ (ALARP) level
The main aim of IMO is to make the global shipping sector resilient to these cyber risks. Making it hard for Malware criminals and terrorists to attack any of them.
Rate this post: