DCSA publishes free cyber security implementation guide

The Digital Container Shipping Association (DCSA) has published a new cyber security implementation guide to assist vessel operators in preparing for the upcoming IMO cyber risk management changes to Safety Management Systems in 2021.

The best practices outlined in the guide, and backed by the Association’s nine member carriers, aims to provide all shipping companies with a common language and a task-based approach for meeting the January 2021 implementation timeframe.

The cyber security guide, DCSA Implementation Guide for Cyber Security on Vessels, can be freely downloaded from the DCSA website, and is aligned with existing BIMCO and NIST (US National Institute of Standards and Technology) cyber risk management frameworks.

The document outlines procedures to help designated technical crew members mitigate the risk of cyber-attack, or to contain damage and recover in the event of an attack.

“As shipping catches up with other industries such as banking and telco in terms of digitisation, the need for cyber risk management becomes an imperative,” said Thomas Bagge, CEO, DCSA.

“Due to the global economic dependence on shipping and the complex interconnectedness of shipping logistics, cyber-attacks such as malware, denial of service, and system hacks can not only disrupt one carrier’s revenue stream, they can have a significant impact on the global economy.”

“As a neutral digital standards organisation, DCSA is uniquely positioned to help vessel owners mitigate the increasing risk of cyberattack on their ships, and in turn, on the industry at large.”

The DCSA cyber security implementation guide breaks down the BIMCO framework into themes and maps these themes to the controls that underpin the NIST functional elements: Identify, Protect, Detect, Respond, Recover.

Non-technical explanations are included, as well as specific actions to be taken to address each NIST element in accordance with a company’s level of cyber maturity within each BIMCO theme.

Following the guidance will provide vessel owners with a catalogue of cyber security safeguards aligned with each vulnerability identified during risk assessment, together with notes explaining any residual risk, DCSA says.

Share this story

About the Author

Rob O'Dwyer
Rob O'Dwyer

Rob is Chief Network Officer and one of the founders of Smart Maritime Network. He also serves as Chairman of the Smart Maritime Council. Rob has worked in the maritime technology sector since 2005, managing editorial for a range of leading publications in the transport and logistics sector. Get in touch by email by clicking here, or on LinkedIn by clicking here.

Further Reading

News Archive