‘Ignorance is no longer an option,’ Bimco warns as cyber security guidelines are updated

The second edition of The Guidelines on Cyber Security Onboard Ships has been released, a timely publication in the wake of last week’s Petya attack which hit Maersk hard. The latest practical advice has been compiled by the joint industry group, which is led by Bimco and now includes new members OCIMF and IUMI, as well as the original contributors CLIA, ICS, Intercargo and Intertanko.

The second edition includes information on insurance issues and how to effectively segregate networks, as well as new practical advice on managing the ship to shore interface, and how to handle cyber security during port calls and when communicating with the shore side.

The chapters on ‘contingency planning’ and ‘responding to and recovering from cyber incidents’ have been rewritten to reflect the fact that the guidelines are aimed specifically at ships and the remote conditions prevailing if a ship’s defences have been breached.

The guidelines have also been aligned with the recommendations given in the International Maritime Organization’s (IMO) Guidelines on cyber risk management which were adopted last month.

A new subchapter on insurance has been added, looking at coverage after a cyber incident as this is an important part of the risk assessment which shipowners should now take into consideration. Finally, the annex, which explains about networks, has been rewritten based on real experience of shipowners segregating networks on their ships.

Angus Frew, Bimco secretary general and CEO, said today: “Cyber security is certainly a hot topic for all of us now, and this latest guidance includes valuable information, applying a risk based approach to all of the areas of concern, highlighting how an individual’s unwitting actions might expose their organisation… In the light of recent events we urge everyone across the industry to download it – it’s available free of charge – and to consider the risk cybercrime may pose to their ships and operations. Ignorance is no longer an option, as we are all rapidly realizing.”

Splash readers can access the guidelines by clicking here.

Sam Chambers

Starting out with the Informa Group in 2000 in Hong Kong, Sam Chambers became editor of Maritime Asia magazine as well as East Asia Editor for the world’s oldest newspaper, Lloyd’s List. In 2005 he pursued a freelance career and wrote for a variety of titles including taking on the role of Asia Editor at Seatrade magazine and China correspondent for Supply Chain Asia. His work has also appeared in The Economist, The New York Times, The Sunday Times and The International Herald Tribune.


  1. Nice one and many thanks!
    It is optimistic bias and wrong to assume that there is ignorance involved! I will argue any day that the real problem is lack of understanding! Ignorance can only be used if one truly understand what can or should be ignored and it would not make sense to any person to ignore this specific problem!
    On the other hand, underwriters are still keen on writing more hoplessly insane risks to stay afloat even if their ships are sinking fast due to loss of density. I ignore a lot of things on purpose but I understand what and how I ignore. Maybe time to establish a cyber security penetration company to see learn the level of understanding by just ignoring a couple of protocols?

Back to top button