Songa Shipmanagement Awarded Cyber Security Certification
As the shipping industry becomes more and more digitalized, so cyber attacks on shipping companies and ships have increased. A robust and comprehensive cyber security response and active cyber protection is now essential to ensure the safety of any vessel and its crew.
Reflecting this, the IMO affirmed that safety management systems (SMS) should take into account cyber risk management in accordance with the objectives and functional requirements of the ISM Code. Shipowners may risk having their ships detained by port state control authorities if cyber risks are not appropriately addressed in SMS by January 1, 2021, in compliance with the ISM code.
Likewise, the major shipping associations have guided their members how to manage cyber risk on board ships, and OCIMF and RightShip have added the requirements of “Cyber Security” to the checklist when conducting Tanker Management and Self-Assessment (TMSA), SIRE and dry bulk inspections.
With a reputation for world class technology and industry leading IT solution, Korean Register (KR) has steadily increased its investment in R&D focused on cyber security over the years, as technology and digitalization has increased across the industry.
KR organized a specialist Cyber Security Task Force Team in 2016 and published the first KR Cyber Security Guidelines in the same year. KR established its cyber security certification process last year (2018) in accordance with international security standards ISO 27001, IEC 62443, NIST framework and in line with the IMO and BIMCO’s cyber security guidelines.
Successful certification offers shipowners and operators peace of mind in this high risk area.
One such operator is Songa Shipmanagement. The company manages and operates 23 chemical/oil tankers and heavy-lift vessels and has developed and implemented a comprehensive cyber security management system which is able to respond to all kinds of cyber incidents. In February 2019, following a comprehensive cyber security audit, KR certified Songa Shipmanagement to be fully compliant in all areas, the very first company to achieve this certification.
The KR cyber security certification audit was conducted over a six month period. During this time Songa had to successfully pass 87 inspection items in 18 categories such as human management, risk management, asset management, response and recovery.
The audit examined all of Songa Shipmanagement’s processes to ensure that they meet industry standards and satisfied all the requirements of the IMO, Oil Companies International Marine Forum Tanker Management Self Assessment (OCIMF TMSA 3) and RightShip inspection under the direction of the Chief Cyber Security Officer.
KR is now in the process of certifying the cyber security management systems of all of Songa Shipmanagement’s 23 vessels.
KR has industry leading expertise in the field of maritime cyber security and is working on many other cyber security projects, including Type Approval of Maritime Cyber Security for Hyundai Electric’s Integrated Smart Communication System (ISCS), Approval in Principle of Cyber Security for Yokogawa Electric Korea’s LNG Integrated Alarm System (IAS) and Company Cyber Security Certification for T1IT Ltd, a ship IT service provider.
Looking ahead, in the future, KR will not just certify companies, vessels and equipment in terms of cyber security, the services will expand to include cyber security training, technical support for preparing other inspections such as TMSA and SIRE and certification of software used in the shipping industry. This will give shipowners and operators even greater peace of mind in this complex and ever changing area.