Commercial Vessel Compliance

6/10/2016: IMO Approves Interim Guidelines on Maritime Cyber Risk Management

From the desk of Rear Adm. Paul Thomas, assistant commandant for prevention policy

On May 20th at the 96th session of the Maritime Safety Committee, the International Maritime Organization approved the Interim Guidelines on Maritime Cyber Risk Management, which will soon be published as circular MSC.1/Circ. 1526. A draft version of the Circular is now available on the US Coast Guard – Office of Design & Engineering Standards website.

The Coast Guard participated with 43 other countries in the IMO’s Maritime Cyber Risk Management Working Group to develop these guidelines to provide high-level recommendations to safeguard shipping from current and emerging cyber-related threats and vulnerabilities. The intent is to review and implement the Guidelines and identify areas for improvement to be brought to the attention of the 97th session of the Maritime Safety Committee which occurs November 2016.

Risk management has always been fundamental to safe and secure shipping operations, and has traditionally focused on operations in the physical domain. However, the growing reliance on computers has led to an ever-increasing integration and automation of shipboard systems and the widespread use of networked technologies. This, in turn, has created a critical need for cyber risk management.

Intended to complement existing safety and security management practices already established by the IMO, the guidelines will lay out an operational risk management approach. Focused on addressing the threats and vulnerabilities arising from cyber related technologies in the operation and management of shipboard systems, the guidelines will provide users with a pragmatic approach to managing risk across the spectrum of critical systems integral to maritime operations.

The approach to risk management, which is described in the guidelines, provides a foundation for better understanding and managing cyber risks. It is also intended that this guidance be supplemented by further guidance from Flag Administrations, national and international standards organizations and industry associations such as the “The Guidelines on Cyber Safety and Security Onboard Ships” produced by BIMCO, CLIA, ICS, INTERCARGO and INTERTANKO.

The Coast Guard wants your feedback, questions and concerns. You can submit your feedback to the Coast Guard or call 202-372-1372.

Maritime Commons will provide notification when the final guidelines are posted.

This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.

Leave a Reply