Federal Register

9/8/2017: Cyber risk NVIC comment period extended 30 days to October 11

As a courtesy to our audience, Maritime Commons will provide a daily compilation of nationally-relevant Federal Register Notices. To provide comments for the public record, follow the Federal Register link for each individual notice. Please note, the Coast Guard cannot respond to comments on these notices outside of the Federal Register.

The Coast Guard announced via the Federal Register a 30-day extension of the comment period for the draft Navigation and Vessel Inspection Circular (NVIC) 05-17: Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities.

This is a 30-day extension to the initial 60 day public comment period. The comment period was previously set to close Sept. 11, 2017. Comments and related material must now reach the Coast Guard on or before Oct. 11, 2017. This extension is due to conditions caused by hurricanes Harvey and Irma, which have prevented some members of the public from submitting comments by the original deadline.

Title 33 Code of Federal Regulations Parts 105 & 106 Subpart C requires facilities to conduct security assessments that identify vulnerabilities with their physical security, as well as computer systems and networks. Based on the security assessment results, facility owners and operators are required to develop mitigation strategies and document the strategies in their facility security plans. The draft NVIC provides suggestions for how MTSA regulated facility owners and operators can incorporate computer system and network vulnerabilities into existing requirements. Additionally, the draft NVIC provides guidance on implementing a cyber risk management governance program.

For more information, read the full Federal Register notice.

This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.