The Digital Container Shipping Association (DCSA), the initiative established to increase digitalisation in the shipping industry, has published its cyber-security implementation guide in readiness for upcoming IMO regulation.
In a statement, the DCSA, which counts Maersk, MSC, CMA CGM, Hapag-Lloyd, ONE, Evergreen, Yang Ming, HMM and ZIM among its members, said its guide aligns with existing BIMCO cyber risk management frameworks.
According to the DCSA, the guide will give shipowners the tools they need to help designated technical crew members mitigate the risk of cyber attack or contain damage in the event of an attack.
The guide relates specifically to IMO Resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management Systems. It will provide what the DCSA calls a “common language” and a manageable, task-based approach for meeting the IMO’s January 2021 implementation framework.
“As shipping catches up with other industries such as banking and telco in terms of digitisation, the need for cyber risk management becomes an imperative,” said Thomas Bagge, CEO, DCSA.
“Due to the global economic dependence on shipping and the complex interconnectedness of shipping logistics, cyber attacks such as malware, denial of service, and system hacks can not only disrupt one carrier’s revenue stream, they can have a significant impact on the global economy.
“As a neutral digital standards organization, DCSA is uniquely positioned to help vessel owners mitigate the increasing risk of cyber-attack on their ships, and in turn, on the industry at large.”
The DCSA guide breaks down the BIMCO framework into themes, which it then maps to the controls that underpin the US National Institute of Standards and Technology (NIST) functional elements: identify, protect, detect, respond, recover.
Jakob Larsen, Head of Maritime Safety and Security, BIMCO, said the DCSA implementation guide “provides a thorough and refreshing deep dive into the challenge of how to implement cyber-risk management in a shipowner company”.
In February 2020, Port Technology International (PTI) reported how the DCSA had released its Track and Trace data definitions.