MARITIME CYBER SECURITY Archives - Page 8 of 40 - SHIP IP LTD

The growing use of, and reliance on, information technology, data networks, transmissions and connectivity in the daily work within the marine and energy sectors increases exposure to cyber-related risks. Ransomware attacks may result in economic loss or costs of rebuilding lost data. The consequential damages to hull, cargo and third-party liabilities from a cyber-attack on board a vessel or mobile offshore unit pose a different and more costly risk. The limited data on the frequency, severity of loss or probability of physical damage is a challenge to underwriters.

In view of this growing risk, IACS has amplified its work on the reliability and functional effectiveness of onboard, safety-critical, computer-based systems. The need to take a holistic approach which includes the perspectives of various maritime stakeholders was a priority, hence IACS set up a Joint Working Group (JWG) on Cyber Systems. The objective was to help identify best practices, appropriate existing standards in risk and cyber security, and a practical risk-based approach.

Previous work included the development of Recommendations as well as efforts at the IMO such as IMO Resolution 428(98), applicable to in-service vessels since 1 January 2021. On this basis and in cooperation with the JWG on Cyber Systems, IACS adopted two new IACS Unified Requirements[1] (URs) on the cyber resilience of ships in April 2022:

UR E26 aims to ensure the secure integration of both Operational Technology (OT) and Information Technology (IT) equipment into the vessel’s network during the design, construction, commissioning, and operational life of the ship. This UR targets the ship as a collective entity for cyber resilience and covers five key aspects: equipment identification, protection, attack detection, response, and recovery.

UR E27 aims to ensure system integrity is secured and hardened by third-party equipment suppliers. This UR provides requirements for the cyber resilience of onboard systems and equipment and provides additional requirements relating to the interface between users and computer-based systems onboard, as well as product design and development requirements for new devices before their implementation onboard ships.

These URs are to be uniformly implemented by IACS Societies on ships contracted for construction on or after 1 January 2024 and may be used for other ships as non-mandatory guidance. They help to establish a common set of minimum functional and performance criteria to deliver ships which can be described as cyber resilient.

IUMI has participated in the JWG on Cyber Systems to provide input from the insurance perspective. In light of the growing reliance on digital solutions in the maritime industry, the publication of the URs is a welcome step toward the development of a proper cyber risk management strategy on board today’s vessels.
Source: International Union of Marine Insurance


On the occasion of its sixth participation in the International Cybersecurity Forum (FIC) on June 7, 8 and 9, 2022 at the Grand Palais in Lille, Naval Group will present its latest innovations in the cyber field and its recruitment ambitions.

Meet the company on stand F35 to learn more about its cyber defense offer as well as job offers.

Cybersecurity is now a leading field of struggle with a constant increase in the number of cybernetic operations conducted in theaters of operations and on the various players in the defense ecosystem. Today, it is no longer just a question of managing cyber risks, but of anticipating them and above all of demonstrating robust and appropriate performance in this area to ensure the success of the digitization of systems and spaces.

Marine operational superiority depends on it. This robust and reliable protection, adjusted to the cyber needs of each customer and the type of mission of the boats, offers modularity throughout their life cycle. Naval Group’s cyber defense offer is the result of constant innovation, reconciling the imperative need for ship protection with the imperatives of operational continuity and crew safety at sea.

Cybersecurity: a strategic priority for Naval Group, partner of navies throughout the entire life cycle of ships

In order to ensure the resilience of its ships and its infrastructures in the face of these cyber challenges, Naval Group has made cybersecurity a strategic issue in its development and its products.

Naval Group integrates safety aspects at all stages of the ship’s life cycle. From their design, Naval Group combat ships and their digital systems are designed and protected natively (cyber by design). Cybersecurity is also integrated into the development, production and operational maintenance phases of ships. This begins with supporting the supply chain to strengthen the consideration of the cyber threat.

Naval Group brings in its wake a large number of suppliers and subcontractors in the naval and maritime sector. Guarantor of the economic dynamism of this sector and its growth, the group is also concerned about the maturity and the increase in skills of its players in terms of cybersecurity, for the benefit of the entire maritime ecosystem.

Naval Group’s cyber offer: a resilient and proven offer at sea

Laid down in December 2021, the first of five defense and intervention frigates (FDI) that will contribute to the French Navy’s leading fleet opens the era of resilient and cyber-secure ships natively (cyber-by-design), thanks to its capabilities to combat asymmetric threats and its cyber protection system (CyMS) integrated from the design stage and at each stage of its life cycle.

Operational heart of the cyber strategy of armed ships, the Cyber Management System (CyMS) detects possible attacks in real time by the simultaneous analysis and control of the digital exchanges of the ship’s systems. In the event of an anomaly, the CyMS offers reaction scenarios to the operators who, thanks to simple and intuitive interfaces, have immediate access to the data necessary to adapt the reaction to the context and thus make the best choice. Upgradable, the CyMS is updated throughout the vessel’s life cycle and constantly enriched with improvements developed in partnership with the French Navy, in order to better meet the needs and operational constraints of users.

In addition, faced with the intensification of cyber challenges in naval defence, Naval Group showcased its Cyber Lab in Brussels in April 2022. This center of excellence is dedicated to the development of cybersecurity technologies for naval application, in particular for ship and drone systems as well as for onshore infrastructures. The Cyber Lab is specialized in the implementation of cybersecurity measures developed for the benefit of the Belgian-Dutch mine action program rMCM but also a key promoter of the development of technologies and solutions in the naval and maritime sectors in Europe.


K2 Informatics, a company specializing in cybersecurity and IT systems integration, has recently been certified by RINA for its “K2 Secure Solution”. RINA followed a strict methodology to evaluate the compliance of K2 Secure Solution against a strict set of international standards, based on IMO Resolution, IACS requirements and RINA Rules. The importance of the process is in providing assurance that certain hardware and software tools comply with the Marine Regulatory Framework and are suitable to be used in the marine environment, offering cybersecurity for systems & networks onboard.

Today, vessels at sea are more connected and more vulnerable to cyberattacks than at any moment in the past. The average ransom paid by shipowners due to cyber-attacks is currently estimated at $3 million, but the true cost of business and service disruption is even higher.

Mr Spyridon Zolotas, Senior Director of RINA Marine Southern Europe & Africa, mentioned that: “Cybersecurity certification of companies does not only prove compliance with minimum acceptable scientific principles but assist companies in following high safety standards to protect seamen and help maintain a safe business environment for shipping”

Mr Michael Vrettos, Senior Cyber Security Expert of RINA, mentioned that: “Digitalization and Cyber Security go hand in hand, and their aim is to assist, not hamper shipping with complexity and extravagant costs. Systems that offer high security standards in a straightforward manner, like K2 Secure, can only benefit shipping”.

Mr Georgios Gkorgkolis, Managing Director of K2 Informatics, mentioned that: “working with RINA and complying with their Cyber Security regulations, was a great experience for us, as RINA team has in-depth knowledge and adheres to an easy to follow, yet strict and realistic methodology on Cybersecurity”.

Mr Philip Nielsen, Co-Founder of Oriani Hellas, mentioned: “we are proud to have K2 Secure solution certified as we thrive to keep our products and services to the higher standards possible and working with a recognized classification society as RINA was the best option for that”.

K2 Informatics, together with Oriani Hellas, which specializes in maritime digital applications, has developed a maritime cyber security solution called K2 Secure Solution, which is based on global best practices and incorporates:

• security devices, for network segmentation, Quality of Service and VPN connections
• cloud management software for email and network protection
• remote maintenance and management software, for systems & networks onboard and ashore.
Source: Oriani Hellas, K2 Informatics


Cyber threats – like ransomware or other types of malware – are evolving, pervasive, and ubiquitous. They endanger both individuals and organizations across several communities worldwide. They run through networks, information systems, and services, which represent the backbone of contemporary digital societies and the premises for their industrial, economic, and social development. Overall, cyber threats undermine the potential benefits that stem from the use of new or emerging digital technologies in many sectors, e.g., transport, energy, health, telecommunications, finance, democratic processes, education, space, defence, and national security. Tackling cyber threats requires organizations to acquire, maintain, and further develop adequate cyber capabilities.

As far as countries are concerned, this entails assigning clear responsibilities and mandates to existing or newly established institutions, as well as sustaining their functioning through both the allocation of sufficient resources – human, financial, technological – and the definition of efficient operational procedures. To prevent and counter cyber threats, states should also adopt concrete measures and actions that are multidisciplinary and multi-layered in their essence. These can range from enacting specific policy and legal instruments, supporting the establishment of cybersecurity stakeholders’ communities or cooperation fora, and financing technological research and development, to sustaining cyber-related education and promoting educational campaigns in the field of cybersecurity. Altogether, the above-mentioned actions aim at building a cyber-resilient and cyber-secure community.

However, given the transnational nature and reach of cyber threats, countries cannot limit the scope of their preventive and counter initiatives to the domestic realm. They should act at the international level, too, promoting and contributing to universal, regional, and bilateral cooperation in the field of cybersecurity.

 

Cyber capacity building as international cooperation

International cooperation initiatives can take several forms, involve various partners, and focus on different elements or aspects. Some of these initiatives fall within the scope of so-called “cyber capacity building” (CCB).

Put simply, CCB is a growing field of cooperation whose boundaries and content continue to evolve.[1] It is a tool comprising a rich set of activities and projects aimed at developing capabilities to mitigate risks and promote opportunities vis-à-vis cyberspace and digital technologies.

CCB initiatives’ topics and items can vary according to their promoters’ goals and needs. They can span from cyber policy and law-making, institution building, strategic planning, incident response, information sharing, critical national infrastructure protection, and the promotion of information and awareness campaigns, to education and training. Since it is intrinsically based on a win-win logic, CCB can strengthen partners’ cyber resilience and sustain their technological and industrial development.

From a multilateral perspective, it can improve the overall cybersecurity of regional and sub-regional areas as well as boost their economic and social growth. To be truly beneficial, CCB initiatives should be coordinated and not fragmented. Furthermore, they should be premised upon transparent and shared goals and rely on effective resources for their implementation.

 

The role played by the Italian National Cybersecurity Agency

Acknowledging CCB’s value in terms of trust-building and strategic partnership, Italy aims to use this tool to establish and reinforce close relationships and collaborations with its partners in the field of cybersecurity. The recently established Italian National Cybersecurity Agency has a clear mandate and functions in this field.[2]

The Agency is Italy’s cybersecurity authority, which ensures coordination between the domestic public entities having a stake in cybersecurity nationwide as well as promotes the implementation of common actions aimed at strengthening national cybersecurity and resilience. It is also responsible for safeguarding Italy’s national security and interests in cyberspace.

Among its assigned tasks, the Agency coordinates, in partnership with the Ministry of Foreign Affairs, international cooperation in the field of cybersecurity. In particular, it can stipulate bilateral and multilateral agreements – also through the involvement of the private and industrial sectors – with institutions, entities, and bodies of other countries for Italy’s participation in cybersecurity programmes. These agreements can be framed within the context of CCB initiatives. Among CCB partners, there are institutions from countries of the wider Mediterranean Region (North Africa and the Middle East), most of which have long-standing friendship ties with Italy.

In line with what is described above, CCB initiatives with these countries should aim at improving regional cyber resilience and promote technological innovation and development. Initiatives may have either a broad or narrow scope. Among others, they may include the sharing of best practices and experiences in the field of cybersecurity (for example, with a focus on the maritime, health or energy sectors); the exchange of data and insights on cyberthreats and other cyber-related malicious activities; the promotion of educational or training programmes aimed at filling skills or labour force shortages; or the support to institution building as well as policy and law-making in the field of cyber.

As per the latter, for example, Italy could share with its partners the experiences it has developed so far from the adoption and progressive implementation of the National Security Perimeter Law for Cyber[3], as well as from the domestic application of the Directive EU 2016/1148[4]. It could provide insights on the content and main features of the recently adopted National Cloud Strategy, which has the goal of providing strategic direction for the implementation and control of cloud solutions in public administration[5].

In conclusion, cybersecurity is transnational by nature. Safeguarding domestic cybersecurity and cyber-resilience requires states to act jointly at the international level. CCB can represent a useful instrument in this regard. It is an opportunity for Italy and its Mediterranean partners to prompt regional security, innovation, and growth.

 

 

SOURCES:

[1] R. Collett and N. Barmpaliou, International Cyber Capacity Building: Global Trends and Scenarios, Luxembourg: Publications Office of the European Union, 2021.

[2] The Agency was established by the Law Decree No. 82, 14.06.2021. See https://www.acn.gov.it/en.

[3] Law Decree No. 105, 21.09.2019, in the Italian Official Journal No. 222, 21.09.2019 (in Italian).

[4] The so-called “Network and Information Systems (NIS) Directive”, in European Official Journal L 194, 19.7.2016.

[5] See https://assets.innovazione.gov.it/1634299755-strategiacloudit.pdf (in Italian).


The global maritime industry continues to embrace information technology and operational technology in automating its processes. Increased digitalisation has brought about cyber vulnerabilities, opening the door for cyber-attacks. Cyber-attacks can have serious consequences for crews, ships, and cargos, including casualties, loss of control of ship and ship or cargo hijacking. This research paper examines and discusses the limitations of the current IMO framework. The paper calls for a comprehensive legal framework on cyber risk management through the strengthening of the ISM Code and potentially through creation of a Cyber Code.

 

Source: marsafelawjournal


Facing “very substantial threats against the maritime critical infrastructure every day,” the Coast Guard has operationalized cybersecurity and “made it part of our prevention and response framework to make sure that we’re getting after this threat at the speed and pace at which it demands,” USCG Assistant Commandant for Prevention Policy Rear Admiral John Mauger told the House Transportation and Infrastructure Committee during a hearing on cybersecurity last month.

The marine transportation system, or MTS, is an integrated network of 361 ports and 25,000 miles of waterways and supports one quarter of U.S. GDP and one in seven American jobs, and “any substantial disruption to marine transportation can cause cascading effects, to our economy and to our national security.”

“Cyberattacks are a significant threat to the maritime critical infrastructure, and while we must continue to work to prevent attacks, we must also be clear-eyed that attacks will occur, and we must ensure that the MTS is resilient,” Mauger said. “Protecting maritime critical infrastructure and ensuring resiliency is a shared responsibility.”

That has included establishing Coast Guard Cyber Command, with cyber forces that “are manned, trained, and equipped in accordance with joint DoD standards, but have a broad range of authorities to address complex issues, spanning national defense and homeland security, including protecting the MTS.” USCG stood up a maritime cyber readiness branch within Coast Guard Cyber Command “as a focal point for maritime threat monitoring, information sharing, and response coordination.”

“The Coast Guard’s approach to protecting the MTS leverages our proven prevention and response framework,” he said. “To prevent incidents, we leverage our authorities in the nation’s ports to set standards and conduct compliance. We refer to this as cyber risk management, and require accountability, assessments, mitigations, exercises, and incident reporting. To prepare for and respond to cyber incidents, Coast Guard sectors are leading field-level exercises with Area of Maritime Security committees, and have established unified commands with FBI and CISA to lead the federal response to cyberattacks in the ports.”

“Cyberattacks will increasingly have physical impacts, beyond computer networks. By incorporating cybersecurity into our prevention and response framework, we provide a comprehensive, all-hazards approach to this threat, but we cannot do this alone. As the co-sector risk management for transportation, we look to both TSA and CISA as key partners.”

Mauger stressed that cybersecurity is “a shared responsibility with the private sector” and “collaboration with the industry is paramount, and focused on information sharing and good governance.” USCG established the National Maritime Security Advisory Committee “to facilitate consultation with industry on standards development” and works with the International Maritime Organization to address the risks posed by foreign vessels. “We are committed to a transparent approach, as we balance the urgency of cyberthreats with informed rulemaking,” he added. “The cyberthreat is dynamic.”

Asked for an update to the Coast Guard’s efforts to improve its own IT systems, the assistant commandant noted that the USCG “approach to protecting the maritime transportation system relies on us having our own ability to defend and operate our networks.”

“Through investments in the CARES Act, with over $65 million in funding, we’ve been able to make significant investments to modernize our infrastructure, and push more information out to our mobile users out in the field, and our cutters underway,” Mauger said. “But all of this is premised, our security is premised, on it being an operational imperative. And so the key thing that’s really driven us forward is the establishment of Coast Guard Cyber Command as an operational command, under the purview of a two-star commander, that oversees our daily mission execution in the IT space. And then the coordination with our CIO, who is driving those investment and modernization projects forward.”

At the port level, Mauger said the Coast Guard is “really focused on working across the prevention and response framework to ensure that we have the ability to defend and then also respond resiliently from attacks.”

“This is a shared responsibility between the private sector and the federal agencies involved, and so we’re doing a number of different things,” he said. “First of all, we put in standards in place that require them to conduct assessments, have an accountable person, develop a plan, mitigate that plan, exercise it, and report incidents. All those pieces are really important. Through those assessments, we then have the opportunity to drive investments through the Port Security Grant Program, to update security posture in the ports. And so last year, $17 million was allocated from the Port Security Grant Program for Cybersecurity.”

“Which side is winning, the increased cyberthreats or increased digital-based safety operational enhancements?” asked Rep. Bob Gibbs (R-Ohio). “How are we doing in this fight, who’s winning?”

“Congressman, it’s not an either/or proposition for us, it’s really an all-of-the-above,” Mauger replied. “And so as the Assistant Commandant for Prevention Policy, we make sure that we bring together the best of our ability to secure private industry, but then be able to respond as well.”

“And so, leveraging our prevention and response framework, we’ve made sure that we’ve taken a multilayered approach to engaging with the industry, sharing information with them at the local level, through the Area Maritime Security Committees, and conducting compliance activities,” he added. “And then at the national level, engaging across the interagency with our National Maritime Security Advisory Committee, with the MTS ISAC, and then with other interagency partners, to make sure that we’re tied together, and providing a comprehensive network, and comprehensive approach to this problem.”

Mauger emphasized to lawmakers that “overall risk management approach, within both the private sector and the federal government” requires accountability.

“You have to have an accountable person; they have to be able to do an assessment and to understand the risks,” he said. “They have to be empowered to manage those risks. And then it also comes back to exercising and reporting. Where it comes to reporting right now, we have to change the paradigm from ‘what is the minimum I need to disclose’ to ‘how can I help protect others’… these incidents cut across so many different infrastructures, and reporting really helps us to make us all stronger.”

Asked how threats and risk-management assistance are communicated to individual ports and throughout the MTS, Mauger replied that “unity of effort within the Coast Guard is part of our DNA, and so we take a multi-level approach to share information at the speed of cyber here with the industry.”

“But this is a dynamic threat environment, and going forward we need to use a combination of both existing tools and new tools, or new methods, to get after the information sharing,” he added. “So for this multi-level approach at the local level, we work through our Area Maritime Security Committees; each of those have established cyber subcommittees that are responsible for that day-to-day sharing of information, for conducting the exercises, for reviewing best practices and understanding how to move forward. Those same people then are integral to response efforts when they occur in the ports. At the national level, we work through a number of different means. We’ve established a maritime cyber readiness branch within our Coast Guard Cyber that really becomes a focal point for threat information dissemination, technical assistance in the field, and connection to the interagency.”

“We’ve embedded folks in CISA, we meet regularly with the other Sector Risk Management Agencies. We engage with the MTS’s information sharing and analysis center. And we look for every opportunity to continue to share information and communicate threats, and understand the vulnerabilities in this industry, so we can protect the MTS.”

 

Source: hstoday


Cyber attacks targeting the marine sector, and critical infrastructure more broadly, are growing rapidly across the world and in Asia. As the maritime industry undergoes rapid digitalization, ransomware attacks continue to escalate. In fact, hackers are narrowing their focus on organizations in the sector, which are seen as tempting targets due to a perceived lack of cyber security investment and potential for significant operational disruption.

The marine industry’s attractiveness as a target for hackers is not new. Since Maersk suffered a devastating US$300 million ransomware attack in 2017, the maritime industry has earned the unfortunate distinction of being the only sector in which all four of the world’s largest shipping companies have been hit by cyber attacks in the last four years, namely Maersk, Mediterranean Shipping Company, CMA CGM and COSCO.

Source: nationalcybersecuritynews

As the industry strives for greater technological efficiency, new vulnerabilities emerge as a result of the growing integration of information and operational technology.

International and national regulatory organisations, as well as industry trade associations, take these threats seriously and call on ship owners and operators, charterers, ports, and other maritime businesses large and small to take action.

We offer technological and scientific expertise to assist you in safeguarding and advancing your critical interests. We are a trusted, independent advisor and security partner for clients who understand that cyber resilience can provide a competitive advantage in a highly regulated and crowded environment.

 

Source: hackersera


Maersk, MSC, IMO — there is no shortage of maritime security incidents and cyber attacks. As hackers become even more sophisticated in their tactics, it’s inevitable that maritime cyber attacks against OT on ships are becoming the norm rather than the exception. The stats speak for themselves:

Of respondents, 77% view maritime cyber-attacks as a high or medium risk to their organizations, yet only 64% said their organization has a business continuity plan in place to follow in the event of a cyber security incident. Only 24% claimed their security incidents plan was tested every three months, and only 15% said that it was tested every six to 12 months. Only 2 of 5 respondents said that their organization protects vessels from operational technology (OT) cyber threats, and some respondents went so far as to describe their company policy to OT cyber risk as “careless.”

It’s time for the maritime industry to take a look at every aspect of their ship operations to ensure they’re protected and resilient against these growing threats and attacks. Maritime security intelligence begins with a comprehensive understanding of the risks faced. Today’s maritime security incidents and cyber attacks will only grow with continued digitalization and future technological advances.

In this eBook, we will help you navigate the ins and outs of maritime cybersecurity, review security incidents and maritime cyber attacks, address cybersecurity challenges and compliance considerations, and get you geared up to establish your maritime cybersecurity action plan.

 

Source: missionsecure


Facing “very substantial threats against the maritime critical infrastructure every day,” the Coast Guard has operationalized cybersecurity and “made it part of our prevention and response framework to make sure that we’re getting after this threat at the speed and pace at which it demands,” USCG Assistant Commandant for Prevention Policy Rear Admiral John Mauger told the House Transportation and Infrastructure Committee during a hearing on cybersecurity last month.

The marine transportation system, or MTS, is an integrated network of 361 ports and 25,000 miles of waterways and supports one quarter of U.S. GDP and one in seven American jobs, and “any substantial disruption to marine transportation can cause cascading effects, to our economy and to our national security.”

“Cyberattacks are a significant threat to the maritime critical infrastructure, and while we must continue to work to prevent attacks, we must also be clear-eyed that attacks will occur, and we must ensure that the MTS is resilient,” Mauger said. “Protecting maritime critical infrastructure and ensuring resiliency is a shared responsibility.”

That has included establishing Coast Guard Cyber Command, with cyber forces that “are manned, trained, and equipped in accordance with joint DoD standards, but have a broad range of authorities to address complex issues, spanning national defense and homeland security, including protecting the MTS.” USCG stood up a maritime cyber readiness branch within Coast Guard Cyber Command “as a focal point for maritime threat monitoring, information sharing, and response coordination.”

“The Coast Guard’s approach to protecting the MTS leverages our proven prevention and response framework,” he said. “To prevent incidents, we leverage our authorities in the nation’s ports to set standards and conduct compliance. We refer to this as cyber risk management, and require accountability, assessments, mitigations, exercises, and incident reporting. To prepare for and respond to cyber incidents, Coast Guard sectors are leading field-level exercises with Area of Maritime Security committees, and have established unified commands with FBI and CISA to lead the federal response to cyberattacks in the ports.”

“Cyberattacks will increasingly have physical impacts, beyond computer networks. By incorporating cybersecurity into our prevention and response framework, we provide a comprehensive, all-hazards approach to this threat, but we cannot do this alone. As the co-sector risk management for transportation, we look to both TSA and CISA as key partners.”

Mauger stressed that cybersecurity is “a shared responsibility with the private sector” and “collaboration with the industry is paramount, and focused on information sharing and good governance.” USCG established the National Maritime Security Advisory Committee “to facilitate consultation with industry on standards development” and works with the International Maritime Organization to address the risks posed by foreign vessels. “We are committed to a transparent approach, as we balance the urgency of cyberthreats with informed rulemaking,” he added. “The cyberthreat is dynamic.”

Asked for an update on the Coast Guard’s efforts to improve its own IT systems, the assistant commandant noted that the USCG “approach to protecting the maritime transportation system relies on us having our own ability to defend and operate our networks.”

“Through investments in the CARES Act, with over $65 million in funding, we’ve been able to make significant investments to modernize our infrastructure, and push more information out to our mobile users out in the field, and our cutters underway,” Mauger said. “But all of this is premised, our security is premised, on it being an operational imperative. And so the key thing that’s really driven us forward is the establishment of Coast Guard Cyber Command as an operational command, under the purview of a two-star commander, that oversees our daily mission execution in the IT space. And then the coordination with our CIO, who is driving those investment and modernization projects forward.”

At the port level, Mauger said the Coast Guard is “really focused on working across the prevention and response framework to ensure that we have the ability to defend and then also respond resiliently from attacks.”

“This is a shared responsibility between the private sector and the federal agencies involved, and so we’re doing a number of different things,” he said. “First of all, we put standards in place that require them to conduct assessments, have an accountable person, develop a plan, mitigate that plan, exercise it, and report incidents. All those pieces are really important. Through those assessments, we then have the opportunity to drive investments through the Port Security Grant Program, to update security posture in the ports. And so last year, $17 million was allocated from the Port Security Grant Program for Cybersecurity.”

“Which side is winning, the increased cyberthreats or increased digital-based safety operational enhancements?” asked Rep. Bob Gibbs (R-Ohio). “How are we doing in this fight, who’s winning?”

“Congressman, it’s not an either/or proposition for us, it’s really an all-of-the-above,” Mauger replied. “And so as the Assistant Commandant for Prevention Policy, we make sure that we bring together the best of our ability to secure private industry, but then be able to respond as well.”

“And so, leveraging our prevention and response framework, we’ve made sure that we’ve taken a multilayered approach to engaging with the industry, sharing information with them at the local level, through the Area Maritime Security Committees, and conducting compliance activities,” he added. “And then at the national level, engaging across the interagency with our National Maritime Security Advisory Committee, with the MTS ISAC, and then with other interagency partners, to make sure that we’re tied together, and providing a comprehensive network, and comprehensive approach to this problem.”

Mauger emphasized to lawmakers that the “overall risk management approach, within both the private sector and the federal government” requires accountability.

“You have to have an accountable person; they have to be able to do an assessment and to understand the risks,” he said. “They have to be empowered to manage those risks. And then it also comes back to exercising and reporting. Where it comes to reporting right now, we have to change the paradigm from ‘what is the minimum I need to disclose’ to ‘how can I help protect others’… these incidents cut across so many different infrastructures, and reporting really helps us to make us all stronger.”

Asked how threats and risk-management assistance are communicated to individual ports and throughout the MTS, Mauger replied that “unity of effort within the Coast Guard is part of our DNA, and so we take a multi-level approach to share information at the speed of cyber here with the industry.”

“But this is a dynamic threat environment, and going forward we need to use a combination of both existing tools and new tools, or new methods, to get after the information sharing,” he added. “So for this multi-level approach at the local level, we work through our Area Maritime Security Committees; each of those have established cyber subcommittees that are responsible for that day-to-day sharing of information, for conducting the exercises, for reviewing best practices and understanding how to move forward. Those same people then are integral to response efforts when they occur in the ports. At the national level, we work through a number of different means. We’ve established a maritime cyber readiness branch within our Coast Guard Cyber that really becomes a focal point for threat information dissemination, technical assistance in the field, and connection to the interagency.”

“We’ve embedded folks in CISA, we meet regularly with the other Sector Risk Management Agencies. We engage with the MTS’s information sharing and analysis center. And we look for every opportunity to continue to share information and communicate threats, and understand the vulnerabilities in this industry, so we can protect the MTS.”

 

Source: hstoday

