IMO Guidelines for Cyber Risk Management in Safety Management Systems reinforce cyber security as a business imperative in maritime.
ABS Group of Companies, Inc. (ABS Group) has launched a new set of safety and risk-based services to support compliance to the 2021 Cyber Risk Management (CRM) guidelines recommended by the International Maritime Organization (IMO). The IMO CRM guidelines encourage maritime organizations to address cyber risk management in a safety management system (SMS) no later than the first annual verification of the company’s Document of Compliance after 1 January 2021.
ABS Group’s new cyber security services will help clients understand how to align to the IMO guidelines and other accepted standards and build comprehensive cyber security capabilities that address enterprise and ship level cyber controls as identified in the IMO guidance. CRM capabilities will span both information technology (IT) and operational technology (OT) systems in accordance with IMO, Baltic and International Maritime Council (BIMCO), National Institute of Standards and Technology Cyber Security Framework (NIST), ISO/IEC 27001 and other accepted standards.
“Using a ‘defense in depth and breadth’ approach, owners and operators must protect their critical assets with a comprehensive set of risk controls,” says Ian Bramson, Global Head of Cyber Security at ABS Group. “We are working closely with industry stakeholders and regulators to reduce cyber risk and lessen the impact of cyber incidents that can have serious financial, operational and environmental consequences. Looking beyond 2021 compliance, our Cyber Security consultants understand this is a long-term challenge that will continue to affect OT assets in an increasingly connected world. Building robust OT cyber security capabilities will provide better control, visibility and management of risk across maritime operations.”
ABS Group’s cyber security portfolio offers risk-based capabilities at every stage of cyber defense and includes the proprietary Cyber Risk Reduction and Cyber Risk Rating (CybeR2) program. CybeR2 builds on the award-winning ABS FCI Cyber Risk™ Model developed with the Maritime Security Center, a U.S. Department of Homeland Security Center of Excellence.