For the inevitable further digitalisation of ships to take place, ships and ship management companies need to ensure cyber security is fully implemented as part of the International Safety Management (ISM) code onboard, according to classification society DNV GL.
During the class society’s webinar on 25 March, Jarle Blomhoff, group leader cyber safety and security DNV GL, explained that today’s ships and offshore units depend heavily on cyber systems. Information Technology (IT) and Operational Technology (OT) networks known as control systems or core systems to operate the vessel, used to be stand-alone electric systems with limited connection.
Increased interconnectivity, , through remote operating systems and internet technology, means all aspects of ship operations are more vulnerable to cyber-attacks. an Should OT systems go down the safety of ship operations would be impacted significantly. “It is important to address the risk posed to those systems, that’s also where we put our focus as a classification society,” said Blomhoff.
DNV GL identified three main drivers for the need to increase maritime cyber security; an increase in cyber-attack incidencts, despite low industry transparency and reporting; international, regional, and commercial cyber security regulations -the most crucial being the IMO resolution MSC 428(98) making cyber security a regulatory requirement as part of ISM; and the complexity of software being placed onboard vessels.
As the industry calls for further vessel digitalisation through remote operation, fleet and performance optimisation, and logistics to improve the efficiency of ship operations, all this technology requires more automation, more complicated software, and more connectivity.
“We believe there are opportunities on digitalisation in the maritime industry but to do that safely you need cyber security resilience or cyber security control measures … by handling cyber security you can realise the benefits of digital shipping,” stressed Blomhoff.