IMO has given ship-owners and managers until 2021 to incorporate cyber risk security into ship safety management systems. Tanker owners and operators that are subject to vetting under OCIMF should have been addressing cyber security risks in their policies and procedures since 1st January 2018.
This training is about raising awareness that software is not just found in obvious IT systems, but also embedded in many types of equipment essential for operating ships and offshore assets. Concrete examples of cyber-attacks on ships and offshore platforms are used to explain the importance of each individual for cyber security and the role the crew play in protecting themselves and the company against cyber-attacks.
Training focuses on typical threats, such as phishing or hacker attempts trying to trick you into installing malicious software. The participant learns how to detect such cyber-attacks and what actions to take.
Training communicates good practices such as proper handling of personal mobile devices, USB sticks, passwords and remote connections.
Training covers also countermeasures, preventive measures (e.g. updating antivirus software) and reactive measures (e.g. procedures after a detected security breach). Training reminds participants that their behaviour is actually a key countermeasure in their company’s cyber security.