Maritime organizations have to implement the necessary cyber security measures as required by IMO from 01st January 2021.
Maritime cyber risk refers to a measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised
Cyber risk management means the process of identifying, analysing, assessing and communicating a cyber-related risk and accepting, avoiding, transferring or mitigating it to an acceptable level, considering costs and benefits of actions taken to stakeholders.
IMO issued MSC-FAL.1/Circ.3 “Guidelines on maritime cyber risk management” in 2017 which provide high level recommendations to safeguard shipping from current and emerging cyber threats and vulnerabilities, including functional elements that support effective cyber risk management. Thereafter IMO’s maritime safety committee adopted these guidelines through resolution MSC 428(98) “Maritime cyber risk management in safety management systems” whereby it is required that an approved safety management system should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code. By this resolution, flag state administrations are required to ensure that cyber risks are appropriately addressed in existing safety management systems as defined in the international safety management code (ISM Code) no later than the first annual verification of the Company’s Document of compliance (DOC) after 01st January 2021.
Refer the following link for details.
https://www.imo.org/en/OurWork/Security/Pages/Cyber-security.aspx