The global maritime industry continues to embrace information technology and operational technology in automating its processes. Increased digitalisation has brought about cyber vulnerabilities, opening the door for cyber-attacks. Cyber-attacks can have serious consequences for crews, ships, and cargos, including casualties, loss of control of ship and ship or cargo hijacking. This research paper examines and discusses the limitations of the current IMO framework. The paper calls for a comprehensive legal framework on cyber risk management through the strengthening of the ISM Code and potentially through creation of a Cyber Code.