IMO Guidelines on Maritime Cyber Risk Management

The latest IMO Maritime Safety Committee (MSC 98) approved a joint MSC-FAL circular on Guidelines on maritime cyber risk management, based on the Interim guidelines on guidelines on maritime cyber risk management (MSC.1/Circ.1526). Please find a copy of the Guidelines attached for your convenience.

The Guidelines contain high-level recommendations for maritime cyber risk to safeguard shipping. This document defines functional elements that include: identifying, protecting, detecting, responding, and recovering with respect to cyber events. Best practices are also discussed with additional guidance mentioned in standards produced by, inter alia, BIMCO, CLIA, ICS, OCIMF; ISO/IEC 27001 Standard on Information Technology; and United States National Institute of Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity (the NIST Framework).