Cybersecurity onboard ships, part two.
Updated: Mar 10, 2020
Following the BIMCO Guidelines.
Cyber risk management should:
identify the roles and responsibilities of users, key personnel, and management, both ashore and onboard
identify the systems, assets, data and capabilities which, if disrupted, could pose risks to the ship's operations and safety
implement technical and procedural measures to protect against a cyber incident and to ensure continuity of operations
implement activities to prepare for, and respond to, cyber incidents.
Some aspects of cyber risk management (for example, the inventory of onboard systems, their known weaknesses, and the details of the protection measures in place) may include commercially sensitive or confidential information. Companies should, therefore, protect this information appropriately and, as far as possible, keep sensitive detail out of the Safety Management System (SMS), which is shared with a wider audience than the risk assessment itself.
Cyber risk management approach:
Identify threats - Understand the external cybersecurity threats to the ship. Understand the internal cybersecurity threat posed by inappropriate use and lack of awareness.
Identify vulnerabilities - Develop inventories of onboard systems with direct and indirect communication links (a system with no link of its own may still be reachable through a maintenance laptop, a USB device, or another networked system). Understand the consequences of a cybersecurity threat to these systems. Understand the capabilities and limitations of existing protection measures.
Assess risk exposure - Determine the likelihood of vulnerabilities being exploited by external threats. Determine the likelihood of vulnerabilities being exposed by inappropriate use. Determine the security and safety impact of any individual vulnerability, or combination of vulnerabilities, being exploited.
Develop protection and detection measures - Reduce the likelihood of vulnerabilities being exploited through protection measures, and put detection measures in place so that an incident is noticed early. Reduce the potential impact of a vulnerability being exploited.
Establish contingency plans - Develop a prioritised contingency plan to mitigate each identified cyber risk, addressing the highest-impact risks first.
Respond to and recover from cybersecurity incidents - Respond to and recover from cybersecurity incidents using the contingency plan. Assess how effective the response plan was, and re-assess threats and vulnerabilities in light of the incident.
Developing, implementing, and maintaining a cybersecurity management programme in accordance with the approach above is no small undertaking. It is, therefore, important that senior management stays engaged throughout the process, to ensure that protection, contingency and response planning are balanced against the threats, vulnerabilities, risk exposure and consequences of a potential cyber incident.