Cyber Compliance Package.

Delivering Cyber Compliancy against IMO ISM Code: Cyber Risk Management – January 2021.

IMO Cyber Compliance

What is Maritime
IMO Cyber Compliance?

Cyber risk within the maritime sector has been recognised by the International Maritime Organisation (IMO) Maritime Cyber Risk Management requirement as part of the International Safety Management (ISM) Code.

The compliancy initiative, being introduced in January 2021, is designed to make the industry more resilient to cyber criminality, IMO cyber compliance requires that a Cyber Risk Management program should be implemented no later than the first verification of the owning Company’s Document of Compliance after 1st January 2021.

CSS Platinum have worked with the Flag Registries to help them design the assessment criteria for the implementation of Maritime Cyber Risk Management programs.

Cyber Risk Management Jan 2021

IMO cyber compliance checklist of cyber security requirements to achieve compliance:

Identify threats and risks
Perform impact assessment
Cyber monitoring & response
Provide cyber incident response plan
Cyber security awareness & skills training
On-going cyber-security governance
Update and implement policies
Backup regime

Your IMO Cyber-Security Task Force.

CSS Platinum cyber security framework delivers against IMO cyber compliance and risk guidelines. Our specialist team work with the leading maritime associations and intermediaries to deliver a robust compliancy plan to meet IMO guidelines.

Our dedicated IMO team can assess the vulnerabilities, liabilities and how to build a comprehensive cyber security plan to address them and future proof against all cyber security risks.

british marine
international superyacht society
isle of man maritime
international yacht brokers association
cyber essentials
armed forces covenant
css platinum methodology

IMO Compliance Risk Audit:

  • Risk assessment
  • Gap analysis
  • Policy review
  • Asset register
  • Training Review
  • Technical Penetration testing
  • Review back up plan/policy
css platinum

01. Understand

IMO Cyber Compliance Risk Audit and Pen Test

Undertake cyber security audits that provide gap analysis against IMO cyber compliance requirements. Full risk and impact assessment against all systems, technical, policy and skills analysis. Pen Test to confirm configuration and identify vulnerabilities.

css platinum methodology

IMO Protect Plan:

  • Cyber Awareness Training
  • Role based training
  • Policy provision
  • Third party due diligence
  • Incident Response Plan
  • Continuity/system interruption plan
css platinum

02. Protect

IMO Cyber Protect Plan

Implementation of the necessary cyber protection to address areas of non-compliance against the IMO ISM Code and regulations. A prioritised plan across policy, people, technical controls and compliance.

css platinum methodology

IMO Support Plan:

  • Governance (Stay Compliant)
  • Security Operation Centre (SoC)
  • Cyber-attack response team
css platinum

03. Support

IMO Cyber Support Plan

Once protected we provide ongoing IMO cyber compliance support, through our 24/7 AI cyber security monitoring and incident response, incident recovery and/or bespoke consultancy, to assist in designing or refitting a cyber secure superyacht. Complete governance to future-proof your vessel against any risk or liabilities.

Next steps

CCS Platinum will work with you to review your current cyber management strategy, and design and implement any enhancements needed to comply with the IMO guidelines and importantly, keep your vessels, crew and passengers safe from current and emerging cyber threats and vulnerabilities.

Submit the following form to set up a discussion with one of our IMO Cyber Compliance Management Specialists

    IMO Cyber Compliance

    IMO Maritime Regulations
    for Cyber Security

    The IMO has recognised the urgent need to address cyber threats to the Maritime industry to ensure safe and secure shipping with IMO cyber compliance. The IMO issued direction on maritime cyber risk management in Resolution MSC.428(98) adopted on 16 Jun 2017.