Today we look at the maritime cyber baseline scheme from the IASME Consortium. Maritime cyber security is a subject that is very close to our hearts. IT security in general is fast-becoming a hot topic due to numerous high-profile cyber-attacks. These have resulted in countless organisations revisiting their own cyber defences. A key industry for theICEway ecosystem as a whole is cruise and maritime; it is also one that has long experienced difficulties with tech and been a target for cyber criminals. As a result of this, we developed our CRIBB Maritime Cyber Assurance (CMCA) security framework for the cruise and maritime industry. We launched that back in 2019 and now that the IASME Consortium has released its own solution, we look at both in more depth.
Cruise & maritime: Cyber-risks
Last year we published this article on maritime cyber security. That piece provided an update on the growing importance of IT Security for organisations operating on the seas.
‘Maritime cyber risk’ is a term that refers to the potential threats faced by technology assets at sea. If information or systems are corrupted, lost or compromised, then this can result in shipping-related operational, safety or security failures. Maritime security is now more important than ever before, with spikes in piracy at sea, illegal immigration and weapon smuggling. Terrorist attacks and environmental incidents are also on the rise, meaning that a robust security framework is critical.
The Maritime Cyber Baseline scheme
This scheme was released by the IASME Consortium and represents a practical, affordable way for shipping operators and vessel owners to improve their cyber security. Supported by the Royal Institution of Naval Architects (RINA), it enables them to achieve compliance with the IMO Maritime Cyber Risk Management guidelines. Open to vessels of all sizes and classifications, the key objective is to reduce the likelihood of a cyber-attack disrupting day-to-day operations.
How does it work?
There are two stages of assurance:
- Verified self-assessment
- Audited
The self-assessment provides a basic level of assurance; download the questions directly from the IASME website.
The audited option must be completed by all vessels classified as 500 GRT or over. The audited stage requires a qualified external assessor to visit a vessel and then evaluate all systems and processes. As an official certification body backed by the UK Government, we can help you with this.
CRIBB CMCA: Ahead of its time?
Finally we look back at our own Maritime cyber security scheme: CRIBB Maritime Cyber Assurance. As aforementioned, we released this in 2019 and you can read more about it here. This is now more of a nostalgia piece but there is no denying that we were at least forward-thinking in our actions!
Watch this space for further updates on our on-going efforts to support and guide organisations in cruise and maritime. We’re proud of what our partners at IASME have done with their own scheme and fully support them with it. Rest assured that together, we can provide IT Security solutions that work.