Cyber Awareness & Risk Management

Reporting security incidents to National Response Center

The Office of Port & Facility Compliance is reminding owners/operators to list the National Response Center’s 24-hour hotline, 800-424-8802, in their facility/vessel security plans for reporting maritime security and cybersecurity incidents to the Coast Guard. Use of the telephone hotline ensures reliability and allows the NRC watch stander answering the phone to make sure all pertinent information is recorded. NRC no longer provides an email address on its website for reporting incidents.

For cyber incidents that do not also involve physical or pollution effects, the Coast Guard allows reporting parties to call and report the incident to the National Cybersecurity and Communications Integration Center (NCCIC) in lieu of the NRC. NCCIC is a 24×7 cyber situational awareness, incident response, and management center staffed by watch standers who can also provide technical assistance following an incident. It is imperative that the reporting party inform the NCCIC that they are a Coast Guard regulated entity in order to satisfy the reporting requirements of 33 CFR 101.305. NCCIC can be reached at (888) 282-0870.

Coast Guard Policy Letter 08-16, “Reporting Suspicious Activities and Breaches of Security,” outlines the requirements for regulated vessels and facilities to report security incidents, in accordance with the 2002 Maritime Transportation Security Act.

Questions regarding this notice may be sent to

This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official source documents, such as the Federal Register, Homeport and the Code of Federal Regulations. These documents remain the official source for regulatory information published by the Coast Guard.