Security News > 2021 > May > Navigating the waters of maritime cybersecurity

Navigating the waters of maritime cybersecurity
2021-05-12 05:30

Around the same time, the U.S. government released a first of its kind National Maritime Cyber Security Plan, accompanying recent maritime cybersecurity directives from the U.S. Coast Guard.

On June 16th 2017, the Maritime Safety Committee of the United Nations' International Maritime Organization adopted a brief but significant resolution, MSC.428(98), "To raise awareness on cyber risk threats and vulnerabilities to support safe and secure shipping, which is operationally resilient to cyber risks".

Dr. Gary C. Kessler, an independent consultant and practitioner in the areas of maritime cybersecurity, as well as the author of Maritime Cybersecurity: A Guide for Leaders and Managers, noted that PNT issues were just starting to become publicized in 2016, and that CEOs of maritime companies and ports did not look at cyberattacks as an existential threat.

The Risk and Standards section addresses the issue of establishing guidelines for the sector in the U.S. It notes that "More than 20 Federal government organizations currently have a role in maritime security," and that "Common cybersecurity standards however, do not exist and are not consistent across Maritime Transportation Security Act and non-MTSA regulated facilities."

"Priority Action 3" acknowledges that in the short-term, "Federal maritime cybersecurity forces exist, but are not sufficiently staffed, resourced, and trained to monitor, protect, and mitigate cyber threats across the maritime Sector." The plan directs the U.S. Coast Guard to fill the gap by deploying "Field cyber protection teams to support federal maritime security coordination of MTSA-regulated facilities and aid in marine investigations, as required."

In a section on "Information and Intelligence Sharing", the NMCP recognizes that "Organizations such as Information Sharing and Analysis Centers provide a pathway to share information across the private and public sector coordinating Councils." It also points out that "Multiple private sector entities claim to be the information-sharing clearinghouse for MTS stakeholders. Overlapping membership across cybersecurity information sharing organizations creates barriers to efficiently inform MTS stakeholders of maritime cybersecurity best practices or threats."


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/B3-MOARwE0k/