The Coast Guard Office of Commercial Vessel Compliance has updated the Vessel Cyber Risk Management Work Instruction. The Work Instruction was updated to include a compliance timeline for Non Safety Management System vessels that are subject to the Marine Transportation Safety Act of 2002.
The Coast Guard Assistant Commandant for Prevention Policy has published Marine Safety Information Bulletin 03-21 “Continued Awareness – Active Exploitation of SolarWinds Software”.
The Gulf of Mexico Area Maritime Security Committee (AMSC) conducted its annual security exercise from New Orleans, Louisiana, on November 17, 2020. Due to the restrictions on in-person gatherings due to COVID-19, the exercise was held via virtual online conference.
Area Maritime Security Committees 2019 Annual Report – Challenges, Suggestions, Accomplishments, and Best Practices
The Office of Port and Facility Compliance is pleased to announce the publication of a consolidated report on the status and work completed in 2019 by Area Maritime Security Committees (AMSCs).
The Office of Commercial Vessel Compliance has published Work Instruction CVC-WI-027, “Vessel Cyber Risk Management”.
The Coast Guard Assistant Commandant for Prevention Policy has published MSIB 19-20 “Malicious email spoofing incidents” to highlight several recent cyber events involving increasingly sophisticated malicious email spoofing techniques within the Marine Transportation System (MTS).
The Coast Guard Assistant Commandant for Prevention Policy has published MSIB 18-20 “Urgent Need to Protect Operational Technologies and Control Systems” to reiterate the need for vigilance against cyber threats to internet-accessible operational technology.
The Coast Guard has published a new Facility Inspector – Cyber Job Aid, in order to provide the service’s marine safety personnel with additional guidance as they address facilities’ documented cyber vulnerabilities.
The Coast Guard has issued guidance to facility owners and operators on complying with the requirements to assess, document, and address computer system and network vulnerabilities.