Shipping Policy

The UGS welcomes the IMO Guidelines on Maritime Cyber Risk Management introduced in May 2016 which provide high-level recommendations. The Guidelines take a risk-based approach to the management of cyber issues and focus on the use of data as information and, operationally, on the use of data to control or monitor physical processes. The UGS endorses the flexibility these Guidelines offer as they are complementary to the safety and security management practices established by the IMO, while containing best practices for detailed guidance, including the Guidelines on Cyber Security on board ships developed jointly by BIMCO, Cruise Lines International Association (CLIA), International Chamber of Shipping (ICS), the International Association of Dry Cargo Shipowners (INTERCARGO) and the International Association of Independent Tanker Owners (INTERTANKO).

Non-mandatory initiatives worldwide according to the IMO Maritime Cyber Risk Management Guidelines will provide the necessary enhancement of maritime cyber security preparedness.

In parallel, the EU published in July 2016 the Network and Information Security (NIS) Directive. The Directive applies horizontally to all sectors and lays down measures to achieve a common high level of security of networks and information systems within the EU. Maritime transport providers are included in the scope of the Directive but not individual vessels.

The UGS is concerned about US government plans to introduce cyber security legislation that would affect all vessels entering US waters and supports the non-mandatory initiatives worldwide according to the IMO relevant Guidelines.