The Round Table of international shipping associations (RT) comprising BIMCO, ICS, Intercargo and INTERTANKO is developing standards and guidelines to address the major cyber security issues faced by the shipping industry.
Protection against malicious attacks on computer based systems onboard ships is now hitting the top of the agenda for shipping organisations in all corners of the world, according to BIMCO.
The International Maritime Organization (IMO) has already heard calls for action and the insurance industry repeatedly lists the issue as one for concern. The Round Table has made a submission to the IMO on this vital issue outlining the steps taken by the industry to address any vulnerabilities.
The vulnerabilities can be numerous and the threats imminent – the question of protection is a complex set of issues and not just about operating a firewall on a ship or installing virus scanning software on the onboard computers. All of the major systems on a modern ship are controlled and monitored by software; these include the main engine, steering and navigation systems, and the ballast water and cargo handling equipment.
To address this problem and help the industry to protect itself against these risks, the RT is already working with industry partners on a number of complementary projects to develop standards and guidelines to address the cyber security issues.
This guidance to ship owners and operators includes how to minimize the risk of a cyber-attack through user access management; protect on board systems; develop contingency plans; and also manage incidents if they do occur.
The RT (through BIMCO) and CIRM (Comité International Radio-Maritime) is also in the final phase of developing a standard for the maintenance and update of programmable electronic systems.
These programs are all interrelated and address how industry stakeholders should develop, manage, update and secure computer-based systems onboard ships.
Angus Frew, Secretary General of BIMCO, said: ”The Round Table representing the global shipping industry is taking cyber security seriously. The standards under development are intended to enable equipment manufacturers, service personnel, yards, owners & operators, as well as crew, to ensure their shipboard computer-based systems are managed securely – and kept up-to-date to protect against the ever-growing threat from exploitation by criminals.”