Issues and concerns in the maritime education regarding cyber risk management
In accordance with Resolution MSC.428(98) “Maritime Cyber Risk Management in Safety Management Systems” the companies must implement the issues to their Safety Management Systems no later than the first annual verification of the company’s Document of Compliance after 01 January 2021. Some of the biggest companies and associations from the industry have published their own Guidelines on Cyber Security Onboard Ships. However, the question on ship’s cyber security is still not implemented in the syllabuses. As per International Ship and Port Facility Security Code (ISPS Code), part B, 8.3.5 the ship’s security assessment should include radio and telecommunication systems, including computer systems and networks. This necessitates finding answers to the following questions: whether the Ship’s Security Plan has to be revised to include the appropriate measures to protect both equipment and communication links or Cyber security plan itself will be enough to cover the issues; whether the Cyber Security Officer (CSO) will be the person who will tackle the problem or the companies have to hire a well-qualified additional person; whether such a person has to be a mariner or IT specialist. The aim of this article is research regarding implementation of Maritime Cyber Risk Management requirements to the vessel’s Ship Security Plan (SSP) and qualification of the person responsible for companies’ fleet cyber security.