Cyber Security: Navigating towards IMO 2021 and beyond

Maritime London concluded its first series of 10 webinars with one entitled ‘Cyber Security: Navigating towards IMO 2021 and beyond’ on 23 July.

Organised in partnership with new member Templar Executives Ltd, the webinar was hosted by Jos Standerwick, Chief Executive, Maritime London. Discussion focused on the IMO’s Resolution on ‘Maritime Cyber Risk Management in Safety Management Systems’, which is due to be implemented in January 2021.

“IMO Resolution 428(98) encompasses the industry response to the growing number of successful cyber attacks across the maritime ecosystem, with the aim of supporting safe and secure shipping,” explained Anu Khurmi, Managing Director, Global Services & MCERT Leader, Templar Executives Ltd. “It encourages administrations to ensure shipping companies assess and mitigate their cyber risk exposure in their Safety Management Systems effective from January 2021.

“Even though the requirement is imminent, there is still the opportunity to invest in IMO 2021 from the perspective of business enablement and not just as a tick box for compliance,” he continued. “For many vessel operators the question is not ‘how little do I need to spend’, but rather ‘how effectively can I spend the little I have’; off the shelf solutions like the MCERT, awareness training and tiered cyber risk assessments such as Templar’s MCRA toolkit can help.

“For the sector, IMO 2021 is not just a destination, but an opportunity to embark on a journey to create a safe, resilient and digitally enabled future,” she concluded.

Chris Adams, Managing Director, Head of European Syndicate & Loss Prevention, Steamship Insurance Management Services Ltd, observed that “the threats to cyber security that ships face are all too similar to those that we face on a daily basis in the office environment, and which have become even more prevalent during the remote working required because of the COVID 19 pandemic.

“Seafarers need to be aware of the important role they have in preventing cyber security breaches on their vessels,” he added. “Increased awareness of the risk and vigilance are key to containing the threat. More information can be found in our loss prevention film “Cyber Security – Smart, Safe Shipping”

Philip Roche, Partner Solicitor at Norton Rose Fulbright LLP, warned that “although there seems to be a lot of focus on the January 2021 ‘deadline’ for inclusion of cyber risk management in the safety management system onboard ships, it is almost certainly the case that if effective measures have not yet been taken in relation to cyber security and cyber-attack response and recovery, then the ship may not be regarded as seaworthy in this respect.

“Owners and managers must exercise due diligence by a process of risk management and training of crew to have better cyber security hygiene and awareness together with plans and procedures to identify and deal with a cyber- attack,” he emphasised. “Reasonable measures should not necessarily be costly and there is no excuse for not training crew and planning to deal with a present and ever-increasing risk.”

Watch the webinar here.