The revised rules from the BIMCO-led group include information on insurance issues, how to effectively segregate cyber networks, and how to handle cyber security during port calls and when communicating with shore side operations.
In the wake of the recent “Petya” cybersecurity attack that struck several international companies, including world’s-largest ocean carrier Maersk Line, a joint industry group led by shipping association the Baltic and International Maritime Council (BIMCO) has released a newly updated version of its Guidelines for Cyber Security Onboard Ships document.
The second edition, which was made available for download July 5, includes information on insurance issues and how to effectively segregate cyber networks, as well as new practical advice on managing the ship-to-shore interface, and how to handle cyber security during port calls and when communicating with the shore side.
“Cyber security is certainly a hot topic for all of us now, and this latest guidance includes valuable information, applying a risk based approach to all of the areas of concern, highlighting how an individual’s unwitting actions might expose their organization,” BIMCO Secretary General and CEO Angus Frew said of the updated guidelines.
The chapters on contingency planning and responding to and recovering from cyber incidents have been rewritten to reflect the fact that the guidelines are aimed specifically at ships and the remote conditions prevailing if a ship’s defenses have been breached, according to BIMCO.
The updated guidelines have also been aligned with the recommendations given in the International Maritime Organization’s guidelines on cyber risk management, which were adopted in June.
“The first version of the (joint industry group) guidelines was well received by the industry and acknowledged by the IMO, and we really do believe that the update offers the most comprehensive guidance for the shipping industry today,” Frew said.
In addition to the chapter rewrites, a new subchapter on insurance has been added that looks at coverage after a cyber incident, which BIMCO says is an important part of the risk assessment shipowners should now take into consideration.
Also, the updated document’s annex, which explains about cyber networks, has been rewritten based on what BIMCO says is the real experience of shipowners segregating networks on their ships.
“In the light of recent events we urge everyone across the industry to download it – it’s available free of charge – and to consider the risk cybercrime may pose to their ships and operations. Ignorance is no longer an option, as we are all rapidly realizing.”