ClassNK has joined a key US group and released new guidance to strengthen cyber risk management in shipping
Nippon Kaiji Kyokai (ClassNK) has joined the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC) as part of a growing list of maritime community partners.
It has also released the second edition of its Guidelines for Designing Cyber Security Onboard Ships for newbuilding designs targeting shipyards and owners of newbuilding ships. In this guidance, ClassNK has updated the control measures and the framework to implement such measures.
This incorporates the international cyber security standards for industrial control systems, IEC 62443 series and includes the latest recommendations on cyber resilience for new ships, published by the International Association of Classification Societies (IACS) in May 2020. Requirements for adding class notations to classification codes related to cyber security have also been released.
This is based on the ClassNK Cyber Security Approach, which outlines the society’s approach to ensuring onboard cyber security for ships.
The guidelines are a compilation of current best practice for newbuilding designs by shipyards and shipbuilding owners from the perspective of identifying computer systems that should be protected from cyber incidents and of building networks to protect them.
On a newbuilding, ClassNK will carry out cyber security verification during the design and construction stage based on these guidelines and issue a class notation to compliant ships, in response to applications for registration inspection during manufacturing by shipyards.
Also in July, ClassNK joined MTS-ISAC to enhance cyber risk management in shipping. This partnership provides ClassNK with actionable insights from community-sourced cyber threat intelligence, which reinforces ClassNK’s cyber security guidelines.
ClassNK said it was the first classification society and the first non-US organisation to formally join MTS-ISAC, “helping broaden the reach of the MTS-ISAC’s efforts to support the maritime community”.
It is now just five months before IMO’s January 2021 deadline for implementing cyber risk management in Safety Management Systems.
“We have been working with IACS, maritime stakeholders and cyber security professionals to understand and promote cyber security best practices across the maritime transportation system,” said ClassNK executive vice president Hirofumi Takano.
“By joining the MTS-ISAC, we will have increased visibility to current, real-world examples of cyber threats targeting these stakeholders,” he continued. “This provides us an opportunity to reinforce how, and periodically update, ClassNK’s cyber security standards to provide our stakeholders with the latest security recommendations to protect their assets from cyber threats, with IMO 2021 right around the corner.”
In addition, the US Coast Guard will review the Maritime Transportation Security Act of 2002 regulated facilities for cyber risk management efforts. It will begin annual inspections incorporating this act form 1 October 2021.
MTS-ISAC was formed in February this year. It has since seen rapid adoption of its Cybersecurity Information Sharing Services and produced several maritime cyber security advisories, sourced from member shared information.
ClassNK is a premier partner for Riviera’s ’Cyber security: readying for the ISM Code’s 1 Jan 2021 requirements’ webinar on 5 August and the ’Where port security meets cyber security’ webinar on 4 August is in association with Maritime Transportation System Information Sharing and Analysis Center. These are part of Riviera’s Maritime Cyber Security Webinar Week, use this link for more details