Commercial Vessel Compliance

10/17/2014: Importance of cyber safety and security to the Marine Transportation System

The 11th annual National Cyber Security Awareness Month is currently taking place and will continue to the end of October. To continue the discussion on cyber awareness, please take a moment to read Rear Adm. Paul Thomas’s comments concerning the importance of cyber safety and security to the Marine Transportation System.

Written by Paul Thomas

For over 200 years, the United States Coast Guard has worked with maritime industry and other stakeholders to promote maritime safety and security. From boiler explosions and fires to oil spills, natural disasters and terrorist attacks, we have achieved a remarkable degree of success in reducing risk and protecting vessels and facilities, crews and workers, and the American people as a whole, from all hazards and threats.

Cyber safety and security represents the latest risk to this system, and is a growing concern of consumers, corporations and law enforcement agencies. This concern is well founded. Computers and other cyber dependent technologies are growing part of our lives and businesses. These systems are potentially vulnerable to many types of risks, from deliberate attacks to the unintended but damaging introduction of malware, to simple technical failure. Cyber vulnerabilities within the Marine Transportation System could compromise vital safety, security and environmental functions, or lead to widespread trade disruptions.

Fortunately, there are measures that companies can and should consider to reduce their risk. The National Institute of Standards and Technology developed the Framework for Improving Critical Infrastructure Cybersecurity. The Framework is a set of industry standards and best practices. I encourage maritime companies to review the Framework and use it to identify, evaluate and address cyber security risks. Links to the Framework, and many other cyber security resources are available on the cyber security section of the Coast Guard’s Homeport portal.

While cyber security risks are real and growing, so too is our commitment to address them. The Coast Guard is developing policies to help industry address cyber security in a systematic way. We are also taking measures to protect our own systems, and to address cyber security at the port level through Area Maritime Security Committees. While cybersecurity is a new type of risk, it is one that we can address through our existing and well tested model of cooperation with industry. For Cyber Awareness month, please take the time to review Homeport, the Maritime Commons Blog, and to work with your local Area Maritime Security Committee to improve cyber security for our nation.

Each Friday, a new blog entry with informative tips from the Department of Homeland Security’s Stop, Think, Click campaign will be posted. Discussion and dialogue about the significance of cyber safety and security to maritime community is welcomed.

• Respond here on Maritime Commons or tweet your questions or comments to @maritimecommons and use the hashtag #maritimecyber
• Additional topics will be discussed each week of October.
• One question per tweet or blog post so we can fully address each one individually
• Stay on topic and keep questions to issues involving cyber
• Comments are moderated and those that stray off topic or are unprofessional will not be approved

This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.