Cookies help us deliver the best experience on our website. By using our website, you agree to our use of cookies Dismiss

BIMCO launches new cybersecurity clause

BIMCO’s Documentary Committee has agreed a new standard Cyber Security Clause that requires the parties to implement cybersecurity procedures and systems, to help reduce the risk of an incident and mitigate the consequences should a security breach occur.

{mprestriction ids="1,2"} As a result of recent costly cybersecurity incidents involving large shipping companies, cybersecurity has become a major focus in the maritime industry. The development of the BIMCO Cyber Security Clause has been an important part of BIMCO’s efforts to reduce the threat of cyber attack.

The clause has been written by a small drafting team, led by Inga Frøysa of Klaveness, with representatives from shipowners, P&I clubs and a law firm, and will be published towards the end of May.

“I am very pleased to see BIMCO as the first mover on this important topic. Recent years have shown that there is a clear need for a clause addressing the contractual issues that can arise from a cybersecurity incident,” said Inga Frøysa.

The clause is drafted in broad and generic language, allowing for it to be used in a wide range of contracts and in a string of contracts for easy back-to-back application. It is hoped that the clause will assist parties in obtaining affordable insurance for their cyber security exposure, as the clause introduces a cap on the liability for breaches.

“It was very important to the subcommittee to impose an obligation on the parties to keep each other informed if a cyber security incident should occur, and to share any relevant information, which could assist the other party in mitigating and resolving an incident as quickly as possible,” Frøysa said.

This is done through a two-fold notification process. Firstly, through an immediate notification from the party who becomes aware of an incident to the other party. Secondly, through a more detailed notification once the affected party has had the chance to investigate the incident.

The clause also requires the parties to always share subsequent information, which could assist the other party in mitigating or preventing any effects from the incident.

The level of required cybersecurity will depend on many elements such as the size of the company, its geographical location and nature of business.

The clause takes this into account by stipulating that the parties must implement “appropriate” cybersecurity. The clause also requires each party to use reasonable endeavours to ensure that any third-party providing services on its behalf in connection with the contract, has appropriate cybersecurity.{/mprestriction}

Related items

Joomla SEF URLs by Artio

Login/Register

Register or Login to view even more of our content. Basic registration is free.

Register now

Digital Ship magazine provides the latest information about maritime satellite communications technology, software systems, navigation technology, computer networks, data management and TMSA. It is published ten times a year.

 

Address:
Digital Ship Ltd
Digital Ship - Digital Energy Journal
39-41 North Road
London
N7 9DP
United Kingdom

Copyright © 2020 Digital Ship Ltd. All rights reserved           Cookie Policy         Privacy Policy

x