Cybersecurity

New maritime cybersecurity body starts operations


A new body looking to raise the standard of cybersecurity risk assessment across the maritime industry, the International Maritime Cyber Security Organisation (IMCSO), started work on Tuesday.

IMCSO also devised a certification programme for security consultants and a professional register, which will assist shipping organisations select experienced personnel.

The organisation will also validate report outputs to ensure consistency with reports held on a central database and make them accessible to the authorities and third parties that need to determine the risk status of a vessel.

“Cybersecurity has been mandated by the International Maritime Organisation (IMO) which requires shipping companies to implement measures to protect their onboard safety management systems and to regularly audit them,” said Campbell Murray, CEO at IMCSO.

The IMCSO Maritime Standard cyber certification scheme offers training across four disciplines. Cyber professionals who take the examination can qualify as offensive security practitioners or maritime cyber security specialists in addition to specific fields including secure by design and cloud security.

Ship captains often do not have the time to escort cyber auditors for these assessments which, with a variety of assessment methodologies used to provide risk and technical audit results to port authorities and insurers, lead to needless complexity, overheads and delays.

According to Murray, these issues are what IMCSO aims to address, by equipping the security industry to conduct these tests uniformly.

An authorised supplier registry will also be made available by the IMCSO and will act as a record of approved cyber security suppliers within the maritime cyber security speciality. In addition to profiling the organisation, the register will also reference the individual qualifications of those they employ.  

Moreover, the standardised vessel-by-vessel data will allow for the building of a sharable and searchable dataset that will enable IMCSO to track trends in cyber risk. It will also be used to inform the IMO, shipbuilders, insurers, and management companies of such trends.

“The IMCSO promises to simplify the risk assessment process and to give third parties the information they need to accurately determine risk. This will result in more accurate cyber insurance policies, for instance, and the ability to use the report data to track cyber trends may help the sector to become more resilient,” added captain Kaela Bermeister.

“The independent validation of cybersecurity professionals offered by IMCSO will help our members to select cybersecurity testers in a much more efficient way, ensuring they allow personnel onboard with the requisite experience and make it much easier to comply with the IMO mandate,” stated Caroline Yang, president of the Singapore Shipping Association.



Source

Related Articles

Back to top button