Ships sailing in US waters could be detained if they are found not to be complying with the IMO’s cyber risk management guidelines, according to cyber experts.
The guidance to inspectors on how to enforce the guidelines, which come into effect in January, states that serious deficiencies will require fixing and an external audit carried out within 90 days, or risk detention. Minor deficiencies will need an internal audit within 90 days and the deficiencies to be fixed prior to departure.
Robert Dorey, chief executive of cyber risk management and insurance company, Astaara, said the USCG’s position is a warning to shipowners that non-compliance is not an option. “The US Coast Guard have fired the first salvo and have put operators of foreign flagged vessels on clear notice that if they arrive in a US port without the required cyber security/hygiene, they risk being impounded, or at the very least being required to undertake rapid remediation,” he said.
Astaara has a number of services aimed at getting shipping companies ready for the IMO guidelines deadline, including the Astaara Cyber SMS Review and introductory level, Marine CyberStaart.
“Our latest product gives shipping companies a very clear picture of where they stand, where their weaknesses lie and how they would stand up to a cyber-attack,’ said Mr Dorey.
By Rebecca Strong