Cyber Security Workbook for On Board Ship Use - 6th Edition 2025

Cyber risk management should be an inherent part of safety and security and should be considered at all levels of the company, including senior management ashore and onboard personnel.

This Workbook has been designed as a practical, straightforward guide to support the Master and officers on board ship (Part I - Onboard Practical Considerations). It is designed to facilitate understanding and good collaboration between individual ships, onshore IT departments and equipment manufacturers (Part II - Shore Management Considerations). The Workbook may also be useful to the wider maritime industry.

The sixth edition has been produced by Witherbys, BIMCO and the International Chamber of Shipping (ICS).

The Workbook has been fully revised and updated and contains new guidance on:

• Industry guidelines and regulatory requirements, including IACS UR E26 and E27
• cyber security in port
• ship inspections and port state control
• malware detection and prevention
• phishing risks.

Detailed case studies and diagrams have been added to help illustrate cyber risks. The Workbook contains 14 checklists and 7 annexes, including Cyber Security Risk Assessment and Creating a Cyber Security Plan.

Foreword

Harvesting the full potential of data gathering with the implementation of digital technologies and improved connectivity can certainly bring commercial benefits. However, in parallel, cyber criminals are refining their methods and developing techniques that cause disruptions to business and create hazardous situations for ships, their crew, the environment and the cargo.

Building on the latest Guidelines on Cyber Security Onboard Ships (Version 4), the Cyber Security Workbook for On Board Ship Use goes one step further and translates the high-level guidelines into operational tools and checklists for use on board ships. The Workbook is an indispensable complement to the Guidelines and is highly recommended reading for ship officers and shore staff with a cyber security risk management role.

David Loosley
Secretary General and CEO
BIMCO

Cyber attacks are on the rise, with criminals and State actors all setting their sights on shipping. This is a threat we cannot ignore. Our vessels have become more technologically advanced, with the growth of the internet of things and our shipboard systems increasingly connected to the internet and to systems ashore. Today?s modern ships are a target-rich environment for cyber attackers. A number of high-profile incidents on major shipping companies in recent years have demonstrated the serious potential for major disruption to operations and safety for maritime trade. It is essential that shipping remains resilient against these threats if it is to continue to carry the vast bulk of global trade safely and securely.

Awareness of the threat presented by cyber attack to shipping has increased, as have the mechanisms to reduce it. The IMO requirement to include cyber risk management in the Safety Management System from 1st January 2021 has brought cyber risk management into the statutory realm. Class and insurance requirements now also play a role in maintaining the cyber security of ships. Today, the shipping industry is better placed than ever to safeguard the vital service it provides from cyber attack. However, we should not grow complacent; regular risk assessments of your company?s cyber weak spots, training and awareness campaigns for staff and plans for recovery if a cyber attack occurs are all essential to stay resilient to the ever-changing threat landscape.

Cyber security is central to the safe and secure operation of ships and shipping companies, and this guidance provides a comprehensive resource to understand the threat practically and continually mitigate against the risks it presents to maritime transport.

Guy Platten
Secretary General
International Chamber of Shipping

BIMCO

BIMCO is the world's largest direct-membership organisation for shipowners, charterers, shipbrokers and agents. In total, around 60% of the world?s merchant fleet is a BIMCO member, measured by tonnage (weight of the unloaded ships).

The organisation has NGO status and is based in Copenhagen, Denmark, with offices in Athens, Singapore and Shanghai.

With around 1900 member companies across 120 countries, from the largest shipowners in the world to small local port agents and law firms, BIMCO represents a wide range of maritime companies and organisations.

BIMCO's goal is to secure a level playing field for the global shipping industry. BIMCO therefore works to promote and secure global standards and regulations for the maritime sector. The organisation?s century long effort into creating standard contracts and clauses is an expression of that aim.

ICS

The International Chamber of Shipping (ICS) is the principal international trade association for the shipping industry, representing shipowners and operators in all sectors and trades.

ICS membership comprises national shipowners' associations in Asia, Europe and the Americas whose member shipping companies operate over 80% of the world's merchant tonnage.

Established in 1921, ICS is concerned with all technical, legal, employment affairs and policy issues that may affect international shipping.

ICS represents shipowners with the various intergovernmental regulatory bodies that impact on shipping, including the International Maritime Organization.

ICS also develops best practices and guidance, including a wide range of publications and free resources that are used by ship operators globally.

https://www.ics-shipping.org/about-ics/about-ics

Witherbys

Witherbys titles are developed using scripts developed by technical experts that are peer reviewed within work groups. Typically, they seek to improve understanding of the regulations, recommendations and guidelines issued by Industry.

Witherbys staff have significant expertise in the fields of navigation and hazardous cargoes as well as in the presentation of complex subjects in a graphic and easy to understand manner.