April 14, 2022
US Army graphics.
The Coast Guard has published a Maritime Safety Information Bulletin 02-22 “Cyber Security Awareness and Action”.
The Coast Guard continues to monitor world events and their potential impact on the maritime transport system (MTS). The Coast Guard remains engaged with its interagency partners and industry stakeholders to share information and coordinate the Federal Government’s readiness and efforts to reduce disruptions in the MTS, including disruptions due to cyber threats.
The website of the Agency for Cyber Security and Infrastructure Security (CISA) “Shields Up” remains the primary location for information and recommendations for adapting to the increased position of cyber security. The Coast Guard encourages all MTS stakeholders to visit the site regularly for updates and reminders. MTS stakeholders can also obtain CISA’s subscription service for timely updates / newsletters. The Coast Guard will continue to monitor the guidelines and products of CISA and partner agencies and will distribute these materials to stakeholders, together with the maritime context, as appropriate.
According to CISA’s Shields Up Guidelines, “Every organization should have documented thresholds for reporting potential cyber incidents to senior US government and government.” In this environment of increased threat, these thresholds should be significantly lower than usual. ” The Coast Guard fully supports these guidelines and, with our partner agencies, is ready to respond to these reports. Given the increased risk, stakeholders should closely monitor their computer systems, telecommunications systems and networks for suspicious activity and security breaches and, when in doubt, report to the National Response Center (NRC).
The Maritime Safety Act (MTSA) prescribes vessels and facilities, and other MTS stakeholders are encouraged to report safety breaches or suspicious activity to the NRC at 1-800-424-8802. Policy Letter CG-5P 08-16, Reporting Suspicious Activities and Security Violations provides additional guidance on reporting cyber incidents.
The Coast Guard continues to review policies, procedures, and guidelines for addressing the evolving nature of cyber risk management. The Coast Guard has published the Vessel Navigation and Inspection Circular (NVIC) 01-20: Guidelines for Resolving Cyber Risks in Facilities Regulated by the Maritime Safety Act (MTSA), as well as a Cyber Cyber Risk Management Work Guide, to help stakeholders engage cyber security in facilities and vessel security assessments and plans. In addition, U.S. ports and the Maritime Safety Committees (AMSC) serve as a key resource for local, state, federal, and private entities to engage in information sharing, best practices, and port security and safety.
While security breaches and suspicious activities must be reported to the NRC, the Cyber Coast Guard Command is available to provide technical support to help MTS stakeholders prepare for or respond to a cyber incident. You can get their 24 × 7 watch at: 202-372-2904 or [email protected].
Comments are closed.