In the face of emerging cybersecurity threats to the industry and with the MSC resolution in mind, IMO has taken the decision to incorporate mandatory cybersecurity requirements into the International Safety Management Code, ISM.
As of January 1, 2021, cybersecurity must be addressed by all players in the shipping industry and incorporated into their Safety Management Systems, SMS.
One organisation which was quick to respond to these new circumstances was the Oil Companies International Marine Forum, OCIMF. Beginning in January 2018 the OCIMF updated Tanker Management and Self Assessment, TMSA, version 3, with a 13th Performance Element. This new element deals specifically with cybersecurity.
What do developments like these mean for the worldwide maritime sector? More specifically, what does the ISM Code, a SOLAS requirement, and TMSA version 3, best industry practice, require when it comes to preventing cyber crime at sea?
The ISM Code requires modification to a company’s SMS and should now include the following.
In order to comply to ISM Cyber Security requirements and develop specific analysis six steps have to be followed:
Any business operating under the jurisdiction of the new ISM Code should start planning to update their SMS accordingly. The deadline is no later than the first annual verification of the company’s Document of Compliance following January 1st 2021.
For all organizations concerned the message is clear. In order to be prepared and to develop the required business cybersecurity posture, including provisions relating to third party ecosystems, start planning now for the implementation of best-practice. In support of this action IMO has updated it´s guidelines on cybersecurity.
MITEK ltd Cyber Security team helps you to analyse the cyber security status of your operational IT and O T system both on board and ashore and to moitigate identified risks.
Our comprehensive cyber security solutions include in more detail the followings:
CYBER SECURITY MANAGEMENT