Welcome
About
News
Anonymous Reporting
Tools
MCA Chatter
Library
V-ID Terminal
Support
My Account

News

Icon representing US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels
US Coast Guard Bulletin: Cyber Adversaries Targeting Commercial Vessels

June 21st 2019
Icon representing Would you pay $1m for a laptop full of malware?
Would you pay $1m for a laptop full of malware?

May 23rd 2019
Icon representing Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)
Singapore Opens Maritime Cybersecurity Operations Centre (MSOC)

May 22nd 2019
 
 
 

Maritime transport and digital security issues

 
October 24th 2017
Genoa - The word “cybersecurity” is defined in the dictionary as “the state of being safe from electronic crime and the measures taken to achieve this”.

Genoa - At its 98th session the IMO Maritime Safety Committee adopted regulatory measures to manage the maritime cyber risk due to the increasing reliance on cyber technology into many shipboard operations, including essential services.

The word “cybersecurity” is defined in the dictionary as “the state of being safe from electronic crime and the measures taken to achieve this”. Such broader term has entered in our common speaking and used in relation to many aspects of the daily life, taking into account that most of our activities are highly dependent from a stable and secure cyber system (e.g. everyday activities, work, national security). In relation to the above scenario, the maritime industry is no exception: operations, ports, vessels and facilities are increasingly dependent on cyber systems, raising serious concerns on the consequences of a maritime cyber-attack, such as hacking of e-navigation or other systems: damages of ships, physical injury to crew or passengers, loss of cargo, pollution, disruption of business activities with consequent loss of money.

Therefore, recognizing the urgent need to manage the maritime cyber risk - which may result in shipping-related operational, safety or security failures – the IMO Maritime Safety Committee (MSC 98) adopted, in June 2017, the following regulatory measures:

•Guidelines on maritime cyber risk management (MSC-FAL.1/Circ.3), including high-level recommendations for management of the maritime cyber risk, defined as “measure of the extent to which a technology asset is threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised”. These recommendatory Guidelines contain general elements of cyber risk management, referring for detailed guidance to specific Member Governments’ and Flag Administrations’ requirements, as well as relevant international and industry standards and best practices (e.g. The Guidelines on Cyber Security On board Ships produced and supported by BIMCO, CLIA, ICS, INTERCARGO, INTERTANKO, OCIMF and IUMI; ISO/IEC 27001 standard on Information technology – Security techniques – Information security management systems – Requirements; and United States National Institute of Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity (NIST Framework)). It is worth noting that the NIST has developed a framework to help Companies in identifying and prioritizing necessary activities to achieve specific cyber security outcomes.

•Resolution on maritime cyber risk management in safety management systems (MSC.428(98)) which - considering that cyber risks on board vessels should be managed in the same manner as other operational risks - encourages Flag Administrations to ensure that cyber risks are appropriately addressed in Safety Management Systems required by the ISM Code not later than the first annual verification of the Company’s Document of Compliance after 1 January 2021.

RINA has developed the “Guidelines for the assessment of Marine and Offshore Cyber Security Risks” applicable to ship owners and operators and, in particular, to personnel involved at all levels in the management of cyber risks.

Source

Keywords