IMO Maritime Cyber Risk
What are the regulations?
Pelion Consulting has been actively working in tandem with the IMO on the issued MSC-FAL.1/Circ.3Guidelines on maritime cyber risk management.
MSC.428(98) on Maritime Cyber Risk Managementin Safety Management System (SMS) are also on the horizon
It's been decided that no later than the annual verification of each company’s Document of Compliance, the 1st of January 2021, all shipping companies will be mandated to ensure that cyber risks are appropriately addressed in existing safety management systems (as defined in the ISM Code).
According to the IMO, maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.
Minimise Cyber Risks
Pelion Consulting has a pedigree of maritime and cyber security experienced with a strong background in the yachting sector.
By implementing controls for critical systems, both OT and IT, you are safeguarding your vessel and people from the latest threats.
We take the headache out of the process, working with your operations teams to ensure the SMS (Safety Management System) is updated and ready for audit after the deadline date.
Align with the All the Standards
Align with IMO's guidelines and other international standards such as BIMCO, NIST, ISO, IEC, IACS, among others.
- Identify: Define personnel roles and responsibilities for cyber risk management and identify the systems, assets, data and capabilities that, when disrupted, pose risks to ship operations.
- Protect: Implement risk control processes and measures, and contingency planning to protect against a cyber-event and ensure continuity of shipping operations.
- Detect: Develop and implement activities necessary to detect a cyber event in a timely manner.
- Respond: Develop and implement activities and plans to provide resilience and to restore systems necessary for shipping operations or services impaired due to a cyber-event.
- Recover: Identify measures to back-up and restore cyber systems necessary for shipping operations impacted by a cyber-event.