Adrian Johnson
TLDR
- The US Coast Guard issued a Notice of Proposed Rule Making (NPRM) to enhance cybersecurity measures for US-flagged vessels and facilities
- The proposed rule outlines stringent requirements for cybersecurity plans, training, risk management, and reporting of cyber incidents
In response to the growing cyber threats targeting the maritime transportation system, the US Coast Guard has taken steps to enhance cybersecurity measures. The Coast Guard issued a Notice of Proposed Rule Making (NPRM) on February 22, 2024, outlining comprehensive updates to cybersecurity requirements for US-flagged vessels, Outer Continental Shelf (OCS) facilities, and marine facilities subject to the Maritime Transportation Security Act of 2002 (MTSA).
The proposed rule aims to establish consistent cybersecurity requirements across vessels, marine facilities, and OCS facilities. Owners and operators would be required to appoint qualified personnel to develop robust cybersecurity plans, appoint a Cybersecurity Officer accessible to the Coast Guard 24/7, and implement measures to identify, detect, protect, and recover from cyber incidents. The rule also mandates physical security measures and drills to assess proficiency and compliance.
The deadline for submitting comments on the NPRM is April 22, 2024. The Coast Guard’s actions, along with an Executive Order from the White House, demonstrate progress in addressing cyber threats to maritime infrastructure. However, the need for clear, committed leadership to confront these challenges remains evident as cybersecurity challenges continue to escalate.
