The Guidelines on Cyber Security Onboard Ships

Ships are increasingly using systems that rely on digitisation, digitalisation, integration, and automation, which call for cyber risk management on board. As technology continues to develop, information technology (IT) and operational technology (OT) onboard ships are being networked together, and more frequently connected to the internet.

This brings the greater risk of unauthorised access or malicious attacks to ships’ systems and networks. Risks may also occur from personnel accessing systems on board, for example by introducing malware via removable media.

To mitigate the potential safety, environmental and commercial consequences of a cyber incident, a group of international shipping organisations, with support from a wide range of stakeholders (please refer to annex 5 for more details), have participated in the development of these guidelines, which are designed to assist companies in formulating their own approaches to cyber risk management onboard ships.