Since October 1st, 2021, Maritime Transportation Security Act-regulated facilities have been incorporating cyber into their Facility Security Assessments (FSA) and Facility Security Plans (FSP) as part of their annual audit. Facilities still working on this aspect of their FSA and FSP should ensure that they are cognizant of their annual audit date, or engage in discussions with their local Captain of the Port to ensure the submissions are received prior to October 1st, 2022.
The Coast Guard previously published Navigation and Vessel Inspection Circular (NVIC) 01-20: Guidelines for Addressing Cyber Risks at MTSA Regulated Facilities as voluntary guidance for complying with MTSA requirements for addressing cyber risks. As part of that messaging, the Coast Guard published a Frequently Asked Questions (FAQ) document supporting the NVIC and cyber inclusion in FSPs.
As the Coast Guard continues to work with its Facility Inspectors in the field, as well as maritime industry stakeholders, we will continue to update these FAQs based on feedback. In keeping with this goal, the Coast Guard announces the availability of updated FAQs. These FAQs can be found on the Coast Guard’s Office of Port and Facility Compliance (CG-FAC) Cyber Security page.
We will continue to receive and address any questions about NVIC 01-20 or the incorporation of cyber into FSAs and FSPs, and will update the FAQs as information becomes available.
To submit questions or feedback on the FAQs, contact LCDR Leslie Downing, (202) 372-1160, email Leslie.M.DOwning@uscg.mil.
This blog is not a replacement or substitute for the formal posting of regulations and updates or existing processes for receiving formal feedback of the same. Links provided on this blog will direct the reader to official publications, such as the Federal Register, Homeport and the Code of Federal Regulations. These publications remain the official source for regulatory information published by the Coast Guard.