IMO Maritime Regulations
for Cyber Security.

Understanding and implementing maritime cyber risk management.

international maritime organization

What is
Maritime Cyber Risk?

The International Maritime Organisation (IMO) defines maritime cyber risk as;

‘A measure of the extent to which a technology asset could be threatened by a potential circumstance or event, which may result in shipping-related operational, safety or security failures as a consequence of information or systems being corrupted, lost or compromised.’

What are the

The IMO has recognised the urgent need to address cyber threats to the Maritime industry to ensure safe and secure shipping. The IMO issued direction on maritime cyber risk management in Resolution MSC.428(98) adopted on 16 Jun 2017.

The resolution details the following:

An approved management system in accordance with requirements of the International Safety Management (ISM) Code.

Maritime industry stakeholders to implement cyber risk management to ensure they are protecting vessels & people.

Which vessels do the regulations impact?

To protect the safety of life at sea of crew and passengers it is recommended that maritime cyber risk management is implemented for all superyachts, as cyber-attacks can wreak the same disastrous consequences regardless of the size and commercial function of a vessel. Compliance is a requirement for any vessel greater than 500GT and subject to the IMO Code.

Who is liable?

Owners/Directors of the commercial entity, those who have responsibility for the superyacht / vessel can be held personally liable where maritime cyber risk management has not been appropriately addressed.

Risk management framework?

The following framework is recommended by NIST and the IMO to assist the implementation of a comprehensive and coherent approach to cyber risk management.

The specialist IMO regulation team at CSS Platinum incorporate all the framework steps into their compliance methodology

Our methodology.

cyber security for superyachts
cyber security for yachts
cyber security for maritime

cyber security for business


Evaluation of digital footprint and where there is risk. CSS Platinum will help you understand what vulnerabilities you are exposed too and potential impact.

cyber security for superyachts
cyber security for yachts
cyber security for business


Triage priority plan; from high-risk vulnerabilities through to business process and compliance. An end to end plan to deliver complete protection.

cyber security for superyachts


24/7 cyber-security monitoring and response. AI technology providing threat detection and reporting to your dedicated cyber security team.

IMO framework services.

  • Maritime Cyber Risk Audit
  • Cyber Risks Register
  • Penetrating Testing
  • Staff and Crew Check
  • Chief Information Security Officer
  • Cyber Security Training
  • Maritime Cyber Licence
  • AI Threat Detection Platform
  • Governance Plan

Next steps

CCS Platinum will work with you to review your current cyber management strategy, and design and implement any enhancements needed to comply with the IMO guidelines and importantly, keep your vessels, crew and passengers safe from current and emerging cyber threats and vulnerabilities.

Submit the following form to set up a discussion with one of our IMO Risk Management Specialists

Your IMO cyber-security task force.

CSS Platinum cyber security framework delivers against IMO cyber risk guidelines. Our specialist team work with the leading maritime associations and intermediaries to deliver a robust compliancy plan to meet IMO guidelines.

Our dedicated IMO team can assess the vulnerabilities, liabilities and how to build a comprehensive cyber security plan to address them and future proof against all cyber security risks.

british marine
international superyacht society
isle of man maritime
international yacht brokers association
cyber essentials
armed forces covenant