International Maritime Cyber Security Organisation launched ‣ WorldCargo News

IMCSO has been launched to enhance maritime cybersecurity through certification, standardisation, and a registry of qualified consultants and suppliers.

The International Maritime Cyber Security Organisation (IMCSO) has been launched to enhance cybersecurity risk assessment in the maritime industry.

IMCSO offers a certification program for security consultants and maintains a professional register, helping shipping organisations select qualified personnel. The organisation will validate and standardise report outputs, storing them in a central database accessible to authorities and third parties for assessing vessel risk.

IMCSO will also provide an authorised supplier registry, listing approved cybersecurity suppliers who meet standards like ISO 27001 and ISO 9001. This registry will detail the qualifications of employed individuals, allowing shipping companies to find experienced personnel by domain and location.

The IMCSO will maintain a risk register database with ship assessment results, ensuring consistent reporting and easy access to a vessel’s cyber risk profile for port authorities and insurers. Standardised data will help track trends in cyber risk, informing the IMO, shipbuilders, insurers, and management companies, thus offering a valuable service to the industry.

“Cybersecurity has been mandated by the International Maritime Organisation (IMO) which requires shipping companies to implement measures to protect their onboard safety management systems and to regularly audit them. However, the change in legislation has given rise to a new maritime cyber security industry that has proven to be variable in its approach to assessing systems and interpreting the standards,” explains Campbell Murray, CEO of the IMCSO.

“Ship’s captains often do not have the time to escort cyber auditors for these assessments, this is compounded by a variety of assessment methodologies used to provide risk and technical audit results to port authorities and insurers, leading to needless complexity, overheads and delays. It’s these issues that the IMCSO aims to address, by equipping the security industry to conduct these tests in an appropriate, safe and uniform manner, thus enabling the sector to benchmark compliance,” added Murray.

“The independent validation of cybersecurity professionals offered by the IMCSO will help our members to select cybersecurity testers in a much more efficient way, ensuring they allow personnel onboard with the requisite experience. It will make it much easier to comply with the IMO mandate and will prove an invaluable resource,” said Caroline Yang, President of the Singapore Shipping Association (SSA).