Training integral to compliance with incoming IMO ISM Cyber Security resolution

Author: Raal Harris

As the maritime industry transitions to a more digital-intensive way of working, the risk of cyber attacks has significantly increased year on year. We have seen high profile incidents such as attacks on COSCO shipping, Maersk, the port of Barcelona and more making the headlines – and most recently an attack of the IMO’s own website in October 2020. Given the safety and environmental risks that hackers pose if they are able to take control of critical maritime systems, it comes as no surprise that the IMO adopted Resolution MSC.428(98) Maritime Cyber Risk Management in Safety Management Systems on 16 June, 2017.

This resolution comes into force from 1 January 2021 and requires companies to manage cyber risks within their safety management systems, as required by the International Safety Management (ISM) Code. Identifying and dealing with such risks and ensuring that both, the appropriate counter measures and a resilience plan are in place, must be completed by the first Document of Compliance after 1 January 2021.

Human factor

The training of seafarers and shore personnel  tasked to implement cyber security plans is absolutely vital and we at Ocean Technologies Group are proud to say that our users are already able to access a number of titles  from the vast Ocean Library, some of which lead to certification – and we are adding new modules regularly. 

Some of our more popular titles are:

(1298) Cyber Security Training course – this short course raises awareness of cyber security onboard ship and encourages good cyber ‘hygiene’. Importantly, it explores cyber security risk and introduces candidates to the cyber risk management plan.   

(6209) Cyber Security Awareness – this short course explores safety management practices and shows how they can be applied to cyber security within the maritime and offshore industries. The modules explain how and where cyber-attacks may target IT infrastructure as well as the embedded software in assorted operational technology (OT) systems on board.

(CBT0-04) Cyber Security – this computer based training examines cyber threats to the maritime industry and what you can do to detect and prevent them. It covers password protection, detecting phishing scams and malware, social media safeguards and tips for improving overall vessel cyber security.

Adding company policy training

A particularly exciting feature of our new Ocean Learning Platform, which has been designed to move beyond compliance into optimised performance, is the Rapid E-Learning tool which allows training and crew managers to design and distribute company specific e-learning modules to the workforce. This tool will be invaluable for cyber risk management and will ensure that every employee is trained to comply with our customer’s cyber best practice.

Prepare now

Keeping our customers compliant with industry regulations and making shipping safer are that the heart of all our activities at Ocean Technologies Group. And as a digital-first company, we are particularly aware that although there are many advantages to be gained from the online arena, there must be proper risk mitigation tools put in place to manage cyber threats.

If you would like to discuss how we can help you prepare for the IMO ISM Cyber Security resolution, please contact us.

Cyber Security At Sea

Learn more about our Cyber Security at Sea Training

“Shipping is relying increasingly on digital solutions for the completion of everyday tasks, which is creating greater opportunities for cyber attackers.

Jakob P Larsen

Head of Maritime Security, BIMCO

Data Protection Awareness

Protecting the personal data of your company and clients is critical to the reputation and future growth of your business.