Ships that fail to comply with cyber-security code of the International Maritime Organisation (IMO) may face detention from January 1, 2021. This comes as the IMO identified the management of cyber-security as a key aspect of safety as technology becomes essential in ship operations.
The group has identified cyber-security as a major risk to be addressed in safety management systems. The handling of the risks is to be verified in audits from January 1, 2021 onwards.
Director of Maritime Safety at the IMO, Heike Deggim, told the Safety@Sea webinar that “there is a strong need to balance the benefits of new technologies with safety and security concerns, in particular, cyber-security.
“Many people tend to have a very outdated view of what modern shipping looks like. Modern ships are technologically advanced workplaces and IMO plays an important part in shaping the development,” she said.
Recent reports have revealed that cyber-attacks are on the rise in shipping. Deggim said Cyber technologies have become essential to the operation and management of numerous systems critical to the safety and security of shipping and protection of the marine environment, including bridge systems, cargo handling and management systems, propulsion and machinery management systems, power control systems and administrative and crew welfare systems.
She added that one of the most critical developments in smart shipping and rapidly gaining importance is cyber-security, recognising the use of electronic technologies is continually increasing in many areas of shipping.
With the process of digitalisation accelerated by the COVID-19 pandemic, cyber-attacks have become more common not just in shipping, but globally in 2020, and indeed the IMO itself was hit by a cyber-security incident.
Dekkim detailed how cyber risks will have to be addressed in a vessel’s safety management system from the annual verification of its Document of Compliance from January 1, 2021.
“Considering the human element aspect is vital in this regard, while systems can be protected and recovered by implementing different IT technologies, it is important humans understand the risks associated with the use and operation of critical systems.
“Thus implementing good cyber discipline within an organization is critical in good cyber risk management as much in shipping as anywhere else,” Dekkim said in the webinar.