Cyber attacks on critical infrastructure are a growing concern for many organizations across the globe. The Marine Transportation System is no different and has been a target of attacks, with recent network breaches, data thefts, and denial-of-service attacks. Exploited vulnerabilities can vary from the basic, such as the lack of passwords or use of default-only passwords, to configuration issues and software flaws. To achieve the level of protection and resilience needed for critical control system networks, security needs to mature from a piecemeal collection of technologies to effective cyber security governance. This includes the ability to detect abnormal behavior and prevent attacks while providing the organization with meaningful forensics to investigate breaches when they occur.
The International Maritime Organization approved the Interim Guidelines on Maritime Cyber Risk Management to provide high-level recommendations to safeguard shipping from current and emerging cyber-related threats and vulnerabilities.
The director of Coast Guard inspections and compliance provides a summary of remarks made, and questions asked, at the recent cybersecurity workshop, hosted by the National Institute for Standards and Technology. His remarks focused on work done by the Coast Guard and partner organizations to building security profiles, using the NIST Framework, to secure the bulk liquid transport sector.
Assistant Commandant for Prevention Policy addresses concern from member of industry about cyber discussions during Coast Guard facility inspections.
Read condensed remarks on cybersecurity from the Coast Guard’s keynote speaker at the Maritime Awareness Security Terrorism Training Seminar.