The proposal MSC 108/6 titled "REVISION OF THE GUIDELINES ON MARITIME CYBER RISK MANAGEMENT (MSCFAL.1/CIRC.3/REV.2) AND IDENTIFICATION OF NEXT STEPS TO ENHANCE MARITIME
CYBERSECURITY"

will be presented at IMO Maritime Safety Committee 108 this year with a target completion in 2024.  Because many Port States, and by extension Flag States, are making these guidelines a requirement, these enhanced policies will impact all shipowners.  IACS UR E26 and E27 are also incorporated by reference and the guidelines are in harmony with the recent Notice of Proposed Rule Making (NRPM) issued by the United State Coast Guard for US Flagged vessels.

These guidelines are much more prescriptive – detailing items such as asset management, OT specific cybersecurity training, risk assessment requirements, USB controls, supply chain security, backup and recovery, and much more - all congruent with the NIST CSF.