IMO guidelines on cyber security threats cover old ground
THE UN's International Maritime Organisation (IMO) has approved the 2016 Interim Guidelines on Maritime Cyber Risk Management from its Maritime Safety Committee.
This was the result of having considered the "urgent need to raise awareness on cyber risk threats and vulnerabilities," said the document that covers familiar ground.
The guidelines itemise well known risks and say that senior management should be aware of the risks and take remedial action to "safeguard shipping from current and emerging cyber threats and vulnerabilities".
Threats are presented by malicious actions (eg, hacking or introduction of malware) or the unintended consequences of benign actions (eg, software maintenance or user permissions).
In general, these actions expose vulnerabilities (eg, outdated software or ineffective firewalls) or exploit a vulnerability in operational or information technology.
"Effective cyber risk management should consider both kinds of threat. Vulnerabilities can result from inadequacies in design, integration and/or maintenance of systems, as well as lapses in cyberdiscipline.
"These guidelines are primarily intended for all organisations in the shipping industry, and are designed to encourage safety and security management practices in the cyber domain," it said.
THE UN's International Maritime Organisation (IMO) has approved the 2016 Interim Guidelines on Maritime Cyber Risk Management from its Maritime Safety Committee.
This was the result of having considered the "urgent need to raise awareness on cyber risk threats and vulnerabilities," said the document that covers familiar ground.
The guidelines itemise well known risks and say that senior management should be aware of the risks and take remedial action to "safeguard shipping from current and emerging cyber threats and vulnerabilities".
Threats are presented by malicious actions (eg, hacking or introduction of malware) or the unintended consequences of benign actions (eg, software maintenance or user permissions).
In general, these actions expose vulnerabilities (eg, outdated software or ineffective firewalls) or exploit a vulnerability in operational or information technology.
"Effective cyber risk management should consider both kinds of threat. Vulnerabilities can result from inadequacies in design, integration and/or maintenance of systems, as well as lapses in cyberdiscipline.
"These guidelines are primarily intended for all organisations in the shipping industry, and are designed to encourage safety and security management practices in the cyber domain," it said.