In an age where IT and operational technology is increasingly connected and automated, the ability to prevent cyber attacks is a core competency every carrier must have â on shore and onboard ships.Â TheÂ Digital Container Shipping Association (DCSA) has published theÂ DCSA Implementation Guide for Cyber Security on VesselsÂ for the global container shipping industry. The purpose of the guide is to facilitate vessel readiness for theÂ IMO Resolution MSC.428(98)Â on Maritime Cyber Risk Management in Safety Management Systems, set to take effect in January of 2021*.
Note*: Compliance with IMO Resolution MSC.428(98) on Maritime Cyber Risk Management in Safety Management Systems is required no later than the first annual verification of the companyâs Document of Compliance after 1stÂ January 2021.
The best practices outlined in the DCSA guide provide all shipping companies with a common language and a manageable, task-based approach for meeting the IMOâs January 2021 implementation timeframe. The target audience is cyber security leads who will be responsible for fleet-wide cyber security on-board vessels. It is intended to complement existing ship Safety Management Systems (SMS) by providing additional guidance on cyber-related aspects, including:
- Information Technology (IT) such as computers, electronic manuals, networks. and applications.
- Operational Technology (OT) such as engine control, ECDIS, on-board measurement and control systems, PLCs and remote support for engines.
All enterprise IT that isnât physically located on-board a vessel is out of scope for this document.
The ambition is that carriers will implement the DCSA guide fleet-wide whether at sea, moored or berthed. The guide aligns with theÂ BIMCOÂ andÂ NISTÂ (US National Institute of Standards and Technology) frameworks, rather than any applicable flag legislation or specific principles. As a guideline, it does not set out specific technical or configuration standards for vessel systems, but instead provides a management framework to help promote good practice.
Download theÂ DCSA Implementation Guide for Cyber Security on Vessels below to learn best practices for helping designated crew members mitigate the risk of cyber incidents, or contain damage (fail safe) and recover in the event of an attack.
For more cyber-security related Guides and circulars,Â click here.