This post provides a recap of the National Alternative Security Program Sponsoring Organizations workshop in Arlington, Virginia, May 2, 2019. Members met to discuss ongoing and emerging issues related to regulatory requirements of the Maritime Transportation Security Act (MTSA) of 2002.
The workshop provides a forum for the exchange of ideas related to the operation of autonomous vessels in the maritime sector, as well as ship automation and cyber risk management in the maritime domain. The objective is to identify potential opportunities for standards and related products applicable to advancements in automation, autonomous shipping, and maritime-specific cyber risk management issues.
Cyber attacks on critical infrastructure are a growing concern for many organizations across the globe. The Marine Transportation System is no different and has been a target of attacks, with recent network breaches, data thefts, and denial-of-service attacks. Exploited vulnerabilities can vary from the basic, such as the lack of passwords or use of default-only passwords, to configuration issues and software flaws. To achieve the level of protection and resilience needed for critical control system networks, security needs to mature from a piecemeal collection of technologies to effective cyber security governance. This includes the ability to detect abnormal behavior and prevent attacks while providing the organization with meaningful forensics to investigate breaches when they occur.
The International Maritime Organization approved the Interim Guidelines on Maritime Cyber Risk Management to provide high-level recommendations to safeguard shipping from current and emerging cyber-related threats and vulnerabilities.
The director of Coast Guard inspections and compliance provides a summary of remarks made, and questions asked, at the recent cybersecurity workshop, hosted by the National Institute for Standards and Technology. His remarks focused on work done by the Coast Guard and partner organizations to building security profiles, using the NIST Framework, to secure the bulk liquid transport sector.
Assistant Commandant for Prevention Policy addresses concern from member of industry about cyber discussions during Coast Guard facility inspections.
Read condensed remarks on cybersecurity from the Coast Guard’s keynote speaker at the Maritime Awareness Security Terrorism Training Seminar.
Read key takeaways from the Coast Guard’s Director of Inspections and Compliance at the Transportation Research Board of the National Academy of Science annual meeting. The annual meeting covered all transportation modes and addressed topics of interest to policy makers, administrators, practitioners, researchers and representatives of government, industry and academic institutions.
A new maritime cyber bulletin, on shipboard voyage data recorder vulnerabilities, is now available on Homeport.
