With new International Maritime Organization requirements on cyber risk management imminent, CJC Senior Associate Richard Murray and IEIT Cyberlogic conclude that making ships truly cyber secure involves a marathon not a sprint.
On 1 January 2021, pursuant to Resolution MSC. 428(98), IMO Administrations are to ensure that cyber risks are appropriately addressed in safety management systems no later than the first annual verification of a ship’s Document of Compliance after that date. The resolution was originally adopted in June 2017 and, while many stakeholders could be forgiven for the distraction caused by this turbulent year, another deadline approaches in shipping compliance.
However, it is important to remember that ‘IMO 2021’ was not developed in a vacuum. Managing cyber risk in the maritime space has been a hot-button topic for over two decades, with the CL.380 Institute Cyber Attack Exclusion Clause receiving rapid and widespread uptake from first party loss insurers for hull and machinery risk on its release in 2003. Variants of…
