Us-class and services organisation ABS Group of Companies, (ABS Group) has launched a new set of safety and risk-based services to support compliance to the 2021 Cyber Risk Management (CRM) guidelines recommended by the IMO. The IMO CRM guidelines encourage maritime organisations to address cyber risk management in a safety management system (SMS) no later than the first annual verification of the company's Document of Compliance after 1 January 2021.
ABS Group's says its new cyber security services will help clients understand how to align to the IMO guidelines and other accepted standards and build comprehensive cyber security capabilities that address enterprise and ship level cyber controls as identified in the IMO guidance. CRM capabilities will span both information technology (IT) and operational technology (OT) systems in accordance with IMO, BIMCO, National Institute of Standards and Technology Cyber Security Framework (NIST), ISO/IEC 27001 and other accepted standards.
"Using a 'defence in depth and breadth' approach, owners and operators must protect their critical assets with a comprehensive set of risk controls," said Ian Bramson, Global Head of Cyber Security at ABS Group. "We are working closely with industry stakeholders and regulators to reduce cyber risk and lessen the impact of cyber incidents that can have serious financial, operational and environmental consequences. Looking beyond 2021 compliance, our Cyber Security consultants understand this is a long-term challenge that will continue to affect OT assets in an increasingly connected world. Building robust OT cyber security capabilities will provide better control, visibility and management of risk across maritime operations."
ABS Group's cyber security portfolio offers risk-based capabilities at every stage of cyber defence and includes the proprietary Cyber Risk Reduction and Cyber Risk Rating (CybeR2) program. CybeR2 builds on the award-winning ABS FCI Cyber Risk Model developed with the Maritime Security Center, a U.S. Department of Homeland Security Center of Excellence.