New Cybersecurity Program Launched to Help Senders Protect Against Emerging Threats – Digital Ship

A new Maritime Cyber ​​Baseline program launched by IASME and supported by the Royal Institution of Naval Architects (RINA) will help maritime operators and vessel owners improve their cybersecurity and align with IMO guidelines in the management of maritime cyber risks.

The program is open to vessels of all sizes and classifications, including yachts, commercial vessels, passenger vessels, and merchant vessels. It offers operators and owners an affordable and convenient way to improve their cybersecurity to counter emerging threats and reduce the likelihood of a cyber attack disrupting their daily operations. The device was developed in partnership with the maritime experts Infosec Partners.

The IASME Maritime Cyber ​​Baseline program enables maritime operators and vessel owners to reassure supply chain partners, passengers, flag authorities and port authorities that a vessel has cybersecurity controls and processes. appropriate. They can demonstrate compliance with an IASME Maritime Cyber ​​Baseline digital certificate that can be displayed on board a vessel and in all commercial communications.

How does the scheme work?

The program focuses on a set of basic security controls that have maximum impact on cybersecurity and give the best return on effort and investment in their implementation. It has two stages of insurance:

• Verified self-assessment = basic level of assurance
• Audited = higher level of assurance

The controls that must be put in place on board are the same for both levels of assurance.

Verified self-assessment

The Verified Self-Assessment requires vessel owners / operators to answer a series of questions about their vessel using the IASME secure online portal. The owner is required to sign a declaration that the answers to the questions are correct. The applicant receives feedback from the assessor on how he can improve the safety of his vessel based on the answers given to the various questions.

Checked

The audited step involves a review of systems, processes and verification of the responses provided in the self-assessment. This level must be achieved by all vessels of 500 gwt or more to obtain certification.

If the vessel passes the assessment, it obtains Maritime Cyber ​​Baseline certification. To maintain certification, an annual audited self-assessment must be performed on the first and second anniversary of the audit to demonstrate continued compliance.

Small vessels under 500 gwt need to pass the verified self-assessment step only to obtain certification. The cost is 750 GBP + VAT.

All vessels of 500 gwt or more must pass both the verified self-assessment stage and the audit stage to obtain certification. The cost is 1950 GBP + VAT.

Chris Boyd, Managing Director of the Royal Institution of Naval Architects, said: “The Royal Institution of Naval Architects is delighted to support IASME’s new Maritime Cybersecurity Program and recognizes it as an effective means for operators and owners alike. improve the safety of their vessels. The maritime sector is a vital part of the global economy; RINA and its members play a key role in ensuring the safety of ships throughout their life cycle. We encourage everyone involved in the industry to consider the IASME Maritime Reference Cyberbase as a practical way to reduce the disruptive impact of cyber attacks. “

Dr Emma Philpott MBE, CEO of IASME, said: “We are really excited to tackle the difficult issue of cybersecurity in shipping with our new Maritime Cyber ​​Baseline program. IASME has revolutionized the approach to cybersecurity within enterprises through our IASME governance certification and recently worked with the Civil Aviation Authority to implement its cybersecurity audit program for the industry. aviation. We look forward to directly engaging with marine operators and owners to improve their safety and have them certified under the new program. “