News + Resources

The decision by the Maritime Safety Committee of the International Maritime Organisation (IMO) to include cyber security in ship safety management system will soon be put into practice. An important step to improve security aboard ships, it brings a necessary, if slightly belated, focus on the cyber security of vessels as part of the essential underpinning of their seaworthiness. Done properly, the implementation of the standards and the audit thereof can become a focal point of the shipping companies’ licence to trade.

It recognises that a cyber-attack could be the root cause of a safety incident or environmental event. And it points to a future where more digitised ships, possibly with increased autonomy, will require continual improvements in security to guarantee their ongoing seaworthiness.

The IMO has wisely taken the standard Network and Information Systems Directive ‘identify-protect-detect-respond-recover’ cyber security framework categories as its core. It has had to rationalise the content in a way that will be understandable in a marine environment, by focusing the cyber measures on events that could threaten the safety of the vessel, or the environment. While shipping companies have had three years to consider the implications of these requirements, the regulations take effect on 1 January 2021 and there is still a long way to go.

It can seem like a monumental task, but with the help of Astaara, shipping companies can quickly bring themselves to the place they need to be. Astaara provides multi-faceted cyber risk management support to shipowners and operators, ports, terminals and other components of the marine ecosystem. From risk analysis through to risk transfer, we can help you identify the risks, the threats, the activities you need to undertake to mitigate the risks and provide you with cost-effective risk transfer mechanisms. We combine experienced insurance professionals with advanced cyber expertise.

We provide access to what we believe to be best in class capability, whether for training, risk management, technology deployment, system monitoring and incident response. Our insurance solutions are built around your requirements rather than simply removing buybacks. We believe in helping you become resilient against cyber-attacks, capable of recovering quickly and reducing business losses. Specifically:

• We work with you on the development of the policies necessary to underpin your cyber security regime;
• We assess your status under the standard, identify the key gaps and recommend means to fill up whether through people, process change or technology;
• We identify the key risks to your business and your vessels and most effective means of mitigating those risks;
• We help you optimise your organisational structures to deliver effective business continuity and disaster recovery planning;
• We access cutting edge capabilities whether technical or training to help educate and inform your people;
• We mentor your leadership as they develop the cyber skills necessary to fulfil the role; and
• We can shape insurance cover to meet your risk transfer requirements

To read more, click here: http://astaaragroup.com/wp-content/uploads/2020/09/Astaara-IMO-Cyber-Security-Regime.pdf

For more information contact robert.dorey@astaaragroup.com