A new cyber security risk assessment body, the International Maritime Cyber Security Organisation (IMCSO), was launched on Tuesday.
IMCSO will validate cyber security report outputs to ensure consistency with reports held on a central database and will make them accessible to authorities and third parties that need to assess a vessel’s risk status. It has also developed a certification programme for security consultants and a professional register to help maritime organisations select experienced staff.
“Cybersecurity has been mandated by the International Maritime Organization (IMO) which requires shipping companies to implement measures to protect their onboard safety management systems and to regularly audit them,” said IMCSO chief executive officer, Campbell Murray.
The IMCSO Maritime Standard cyber certification programme offers cyber security staff training across four disciplines. It offers qualifications for offensive security practitioners and maritime cyber security specialists, as well as studies in particular fields such as secure by design and cloud security.
The organisation will create an authorised registry of approved cyber security suppliers who are specialists in maritime cyber security. The registry will profile organisations and list the individual qualifications of personnel.
IMCSO will be able to track cyber risk trends as the use of standardised vessel-by-vessel data will allow for the building of a sharable and searchable database. The data will also be used to inform the IMO, shipbuilders, insurers and management companies of cyber risk trends.
