SMART4SEA Conference & Awards
2018
Learn More
SMART4SEA Conference & Awards
2018
Learn More

Limiting chances of cyber attack

cyber

The Shipowners Club issued a cyber security notice, stressing that companies should not only be aware of external cyber threats but also those that can occur internally. Procedures, rules and training should be put into place to limit the opportunity for cyber-attacks to occur.

As explained, cyber risk can be represented as a threat or vulnerability resulting from either a computer or software hack for the purpose of theft, disruption or damage. For example, outdated software on a computer or website may leave it vulnerable to intrusion or exploitation. A further example would be a victim responding to fraudulent emails that request for unauthorised payments and/or changes in payment details.

If a company becomes a victim of cyber-crime it could be affected financially both with the cost of fixing the issue and the theft of funds. Both issues could result in operational disruption and reputational damage impacting specifically on consumer confidence.

Recommendations

The Club cites the following preventive measures to limit the chances of a cyber attack:

  • Ensuring virus protection is up to date and appropriate software updates applied.
  • Ensure password protection is in place and updated regularly.
  • Ensure there is a procedure in place to check files on external media such as USB sticks and drives, DVD’s and CD’s before connecting to electronic devices. In addition, emails must be scanned for suspicious attachments.
  • Staff must be trained and routinely assessed on how to identify report and, if appropriate, manage a cyber risk incident.
  • If it looks suspicious, STOP and check

It is reminded that the 98th session of the Maritime Safety Committee (MSC) in June approved MSC-FAL.1/Circ.3 Guidelines on Maritime Cyber Risk Management. This circular to ship owners still remains nonmandatory. The MSC 98 also adopted Resolution MSC.428 (98) Maritime Cyber Risk Management in Safety Management Systems (SMS).

Resolution MSC.428 (98) affirms that an approved SMS should take into account cyber risk management in accordance with the objectives and functional requirements of the International Safety Management (ISM) Code. The objectives of the ISM Code include the provision of safe practices in ship operation and a safe working environment, the assessment of all identified risks to ships, personnel and the environment. Cyber risks should be appropriately addressed in a SMS no later than the first annual verification of the company’s Document of Compliance that occurs after 1 January 2021.

Related Posts


Share on Facebook0Tweet about this on TwitterGoogle+0Share on LinkedIn7

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Explore Our Group Sites:

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this. By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this. By continuing to use the site, you agree to the use of cookies.more information

Close