Classification society ABS has launched a new set of safety and risk-based services to support compliance with the 2021 Cyber Risk Management (CRM) guidelines recommended by the International Maritime Organization (IMO).
The IMO CRM guidelines encourage maritime organisations to address cyber risk management in a safety management system (SMS) no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.
ABS’s new cyber security services aim to help clients understand how to align to the IMO guidelines and other accepted standards, and how to build cyber security capabilities that address enterprise and ship level cyber controls as identified by the IMO.
CRM capabilities will span both information technology (IT) and operational technology (OT) systems in accordance with IMO, BIMCO, National Institute of Standards and Technology Cyber Security Framework (NIST), ISO/IEC 27001 and other accepted standards.
“Using a ‘defence in depth and breadth’ approach, owners and operators must protect their critical assets with a comprehensive set of risk controls,” said Ian Bramson, Global Head of Cyber Security at ABS Group.
“We are working closely with industry stakeholders and regulators to reduce cyber risk and lessen the impact of cyber incidents that can have serious financial, operational and environmental consequences.”
“Looking beyond 2021 compliance, our Cyber Security consultants understand this is a long-term challenge that will continue to affect OT assets in an increasingly connected world. Building robust OT cyber security capabilities will provide better control, visibility and management of risk across maritime operations.”