Here are some items we see relevant at present to have an overall understanding of cyber security issues:
- Cyber resilience demands a focus on people; the crew on-board are to be trained or briefed sufficiently about the company requirements.
- Systematic approach – cyber risk element will be included in the ISM Code; the IMO resolution MSC.428(98) says that cyber risks are to be appropriately addressed in safety management systems no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.
- IACS members are jointly developing 12 sets of guidelines.
- List of typical equipment on-board likely to be affected by cyber risks and issues to be carefully looked at;
- Business Continuity, Incident Response Plan and mitigation
- What are the external links on the responsible chain.