Standard Club

Standard Club has merged with North to form NorthStandard. Find out more about NorthStandard here or continue on this site to access industry news, publications and expertise, as well as club rules and contacts.  

We have a new UK Emergency Contact number Find out more here

News: New recommendations on building cyber resilient ships

News & Insights 12 May 2020


Cyber attacks have become an expanding and real threat to vessels which have shifted the risk from internal vulnerabilities to external ones.

As technology has been increasingly incorporated into the shipping industry, in an attempt to reduce human error in the management and navigation of vessels, there have been nefarious attempts (some successful) to discover and exploit cracks in these computerised systems. Cyber attacks have become an expanding and real threat to vessels which have shifted the risk from internal vulnerabilities to external ones.

In efforts to ensure that the technology incorporated into vessels is as robust and capable of meeting these new types of threats, the International Association of Classification Societies (IACS) has publicised a new recommendation on how to build cyber resilient ships. This is an attempt to ensure a set of standardised criteria can be met to combat deficiencies and weaknesses in systems incorporated into new buildings. It applies to the use of technical systems that provide important functions on board such as control, alarm, monitor, safety and internal communication.

According to the publication, it

'is to provide technical requirements to stakeholders which would lead to delivery of cyber resilient ships, whose resilience can be maintained throughout their service life'.

It is meant to provide

'crew and ships the capabilities to effectively cope with cyber incidents occurring on computer-based systems onboard which contribute to operate and maintain the ship in a safe condition' 

– in a context of prevention rather than cure.
 
The recommendation is written with recognised elements of effective cyber risk management in mind – Identify, Protect, Detect, Respond and Recover. These are also used in the IMO and the industry guidelines.
 
The recommendation can be found on the IACS website. ​

You are currently offline. Some pages or content may fail to load.