In late September 2018, the International Association of Classification Societies (IACS) published nine of its 12 recommendations on cyber safety with the aim of enabling the delivery of cyber resilient ships whose resilience can be maintained throughout their working lives. The recommendations are the result of a long-term initiative from IACS that has benefited considerably from cross industry input and support. The IACS recommendations address the need for:
- a more complete understanding of the interplay between ships’ systems;
- protection from events beyond software errors;
- in the event that protection fails, the need for an appropriate response and ultimately recovery;
- in order for the appropriate response to be put in place, a means of detection is required.
IACS recognised that, in order for ships to be resilient against cyber incidents, all parts of the industry needed to be actively involved, and so convened a Joint Working Group (JWG) on cyber systems with participation from IUMI. A significant part of the JWG’s work has been identifying best practice and appropriate existing standards in risk and cyber security and identifying a practical risk approach. Consequently, the 12 IACS recommendations, collectively, not only provide guidance on the most pressing areas of concern but work as building blocks for the broader objective of system resilience.
IACS recognises that these recommendations are only an ‘interim’ product and that they will be subject to amalgamation into a larger document with more consistent language, overlaps removed and common material consolidated. IUMI will continue to contribute and help to make the IACS cyber recommendations a success.