Editor’s note: October is National Cybersecurity Awareness Month and we’ll be bringing you information throughout the month that focuses on cybersecurity, cyber risk management, and common practices you can employ now to safeguard your operations.
Submitted by Charles Blackmore, Critical Infrastructure Protection & Port Resiliency/Recovery Division
The national theme for this year’s National Cybersecurity Awareness Month (NCSAM) is “Own IT. Secure IT. Protect IT,” which focuses on personal accountability and positive behavior when it comes to cybersecurity. The Coast Guard’s goal is to provide the maritime community with information, resources, and best practices to help protect their environments.
The first resource is the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency’s (CISA) website specifically for NCSAM. The information provided can be used at the organizational level and at the individual level to protect company and home networks alike.
The second resource is the National Institute of Standards and Technology’s website for the Cybersecurity Framework (CSF). The CSF, or “Framework” provides a common language and systematic methodology for managing cybersecurity risk. The Framework Core includes activities to be incorporated in a cybersecurity program that can be tailored to meet any organization’s needs. The U.S. Coast Guard has worked with industry, utilizing the Framework, to produce three maritime industry focused profiles to include: Passenger Vessels, Offshore Operations, and Maritime Bulk Liquid Transfer. Information on these profiles can be found in previous Maritime Commons posts.
Another resource is DHS’ STOP. THINK. CONNECT. website, which is a national public awareness campaign aimed at increasing the understanding of cyber threats, empowering the American public to be safer and more secure online, and increasing awareness that cybersecurity is a shared responsibility.
Finally, the Coast Guard Office of Port and Facility Compliance webinar (created by ABS Group) titled “Maritime Cybersecurity Awareness” was developed to provide basic cyber awareness with a focus on maritime facility and vessel operations.
This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.