MARITIME CYBER SECURITY Archives - Page 9 of 41 - SHIP IP LTD

K2 Informatics, a company specializing in cybersecurity and IT systems integration has been recently certified by RINA for its “K2 Secure Solution”. RINA followed a strict methodology to evaluate the compliance of K2 Secure Solution against a strict set of international standards, based on IMO Resolution, IACS requirements and RINA Rules. The importance of the process is in providing assurance that certain hardware and software tools comply with the Marine Regulatory Framework and are suitable to be used in the marine environment, offering cybersecurity for systems & networks onboard.

Today vessels at sea, are more connected and vulnerable to cyberattacks than any given moment in the past. The average ransom paid by shipowners due to cyber-attacks is currently estimated at $ 3 million, but the true cost of business and service disruption is even higher.

Mr Spyridon Zolotas, Senior Director of RINA Marine Southern Europe & Africa, mentioned that: “Cybersecurity certification of companies does not only prove compliance with minimum acceptable scientific principles but assist companies in following high safety standards to protect seamen and help maintain a safe business environment for shipping”

Mr Michael Vrettos, Senior Cyber Security Expert of RINA, mentioned that: “Digitalization and Cyber Security go hand in hand, and their aim is to assist, not hamper shipping with complexity and extravagant costs. Systems that offer high security standards in a straightforward manner, like K2 Secure, can only benefit shipping”.

Mr Georgios Gkorgkolis Managing Director of K2 Informatics mentioned that: “working with RINA and complying with their Cyber Security regulations, was a great experience for us, as RINA team has in-depth knowledge and adheres to an easy to follow, yet strict and realistic methodology on Cybersecurity”.

Mr Philip Nielsen, Co-Founder of Oriani Hellas, mentioned: “we are proud to have K2 Secure solution certified as we thrive to keep our products and services to the higher standards possible and working with a recognized classification society as RINA was the best option for that”.

K2 Informatics, together with Oriani Hellas that specializes in Maritime digital applications have developed a maritime Cyber Security solution called K2 Secure Solution, which is based on global best practices and incorporates:

• security devices, for network segmentation, Quality of Service and VPN connections
• cloud management software for email and network protection
• remote maintenance and management software, for systems & networks onboard and ashore.
Source: Oriani Hellas, K2 Informatics

Cyber Threats – like ransomware or other types of malwares – are evolving, pervasive, and ubiquitous. They endanger both individuals and organizations across several communities worldwide. They run through addresses networks, information systems, and services, which represent the backbone of contemporary digital societies and the premises for their industrial, economic, and social development. Overall, cyberthreats undermine the potential benefits that stem from the use of new or emerging digital technologies in many sectors, e.g., transport, energy, health, telecommunications, finance, democratic processes, education, space, defence, and national security. Tackling cyber threats requires organizations to acquire, maintain, and further develop adequate cyber capabilities.

As far as countries are concerned, this entails assigning clear responsibilities and mandates to existing or newly established institutions, as well as sustaining their functioning through both the allocation of sufficient resources – human, financial, technological -, and the definition of efficient operational procedures. To prevent and counter cyberthreats, states should also adopt concrete measures and actions that are multidisciplinary and multi-layered in their essence. These can range from enacting specific policy and legal instruments, supporting the establishment of cybersecurity stakeholders’ communities or cooperation fora, financing technological research and development, to sustaining cyber-related education, and promoting educational campaigns in the field of cybersecurity. Altogether, the above-mentioned actions aim at building a cyber-resilient and cyber-secure community.

However, given the transnational nature and reach of cyber threats, countries cannot limit the scope of their preventive and counter initiatives to the domestic realm. They should act at the international level, too, promoting and contributing to universal, regional, and bilateral cooperation in the field of cybersecurity.

Cyber capacity building as international cooperation

International cooperation initiatives can take several forms, involve various partners, and focus on different elements or aspects. Some of these initiatives fall within the scope of so-called “cyber capacity building” (CCB).

Put it simply, CCB is a growing field of cooperation whose boundaries and content continue to evolve.[1]It is a tool comprising a rich set of activities and projects aimed at developing capabilities to mitigate risks and promote opportunities vis-à-vis cyberspace and digital technologies.

CBB initiatives’ topics and items can vary according to their promoters’ goals and needs. They can span from cyber policy and law-making, institution building, strategic planning, incident response, information sharing, critical national infrastructure protection, the promotion of information and awareness campaigns, to education and training. Since it is intrinsically based on a win-win logic, CCB can strengthen partners’ cyber resilience and sustain their technological and industrial development.

From a multilateral perspective, it can improve the overall cybersecurity of regional and sub-regional areas as well as boost their economic and social growth. To be truly beneficial, CCB initiatives should be coordinated and not fragmented. Furthermore, they should be premised upon transparent and shared goals and rely on effective resources for their implementation.

The role played by the Italian National Cybersecurity Agency

By acknowledging CCB’s value in terms of trust-building and strategic partnership, Italy aims at resorting to such tool to establish and reinforce close relationships and collaborations with its partners in the field of cybersecurity. The recently established Italian National Cybersecurity Agency has a clear mandate and functions in this field.[2]

The Agency is Italy’s cybersecurity authority, which ensures coordination between the domestic public entities having a stake in cybersecurity nationwide as well as promotes the implementation of common actions aimed at strengthening national cybersecurity and resilience. It is also responsible for safeguarding Italy’s national security and interests in cyberspace.

Among its assigned tasks, the Agency coordinates, in partnership with the Ministry of Foreign Affairs, international cooperation in the field of cybersecurity. In particular, it can stipulate bilateral and multilateral agreements – also through the involvement of the private and industrial sectors – with institutions, entities, and bodies of other countries for Italy’s participation in cybersecurity programmes. These agreements can be framed within the context of CCB initiatives. Among CCB partners, there are institutions from countries of the wider Mediterranean Region (North Africa and the Middle East), most of which have long-standing friendship ties with Italy.

In line with what is described above, CCB initiatives with these countries should aim at improving regional cyber resilience and promote technological innovation and development. Initiatives may have either a broad or narrow scope. Among others, they may include the sharing of best practices and experiences in the field of cybersecurity (for example, with a focus on the maritime, health or energy sectors); the exchange of data and insights on cyberthreats and other cyber-related malicious activities; the promotion of educational or training programmes aimed at filling skills or labour force shortages; or the support to institution building as well as policy and law-making in the field of cyber.

As per the latter, for example, Italy could share with its partners the experiences it has developed so far from the adoption and progressive implementation of the National Security Perimeter Law for Cyber[3], as well as from the domestic application of the Directive EU 2016/1148[4]. It could provide insights on the content and main features of the recently adopted National Cloud Strategy, which has the goal of providing strategic direction for the implementation and control of cloud solutions in public administration[5].

In conclusion, cybersecurity is transnational by nature. Safeguarding domestic cybersecurity and cyber-resilience requires states to act jointly at the international level. CCB can represent a useful instrument in this regard. It is an opportunity for Italy and its Mediterranean partners to prompt regional security, innovation, and growth.

SOURCES:

[1] R. Collett and N. Barmpaliou, International Cyber Capacity Building: Global Trends and Scenarios, Luxembourg: Publications Office of the European Union, 2021.

[2] The Agency was established by the Law Decree No. 82, 14.06.2021. See https://www.acn.gov.it/en.

[3] Law Decree No. 105, 21.09.2019, in the Italian Official Journal No. 222, 21.09.2019 (in Italian).

[4] The so-called “Network and Information Systems (NIS) Directive”, in European Official Journal L 194, 19.7.2016.

[5] See https://assets.innovazione.gov.it/1634299755-strategiacloudit.pdf (in Italian).

The global maritime industry continues to embrace information technology and operational technology in automating its processes. Increased digitalisation has brought about cyber vulnerabilities, opening the door for cyber-attacks. Cyber-attacks can have serious consequences for crews, ships, and cargos, including casualties, loss of control of ship and ship or cargo hijacking. This research paper examines and discusses the limitations of the current IMO framework. The paper calls for a comprehensive legal framework on cyber risk management through the strengthening of the ISM Code and potentially through creation of a Cyber Code.

Source: marsafelawjournal

Facing “very substantial threats against the maritime critical infrastructure every day,” the Coast Guard has operationalized cybersecurity and “made it part of our prevention and response framework to make sure that we’re getting after this threat at the speed and pace at which it demands,” USCG Assistant Commandant for Prevention Policy Rear Admiral John Mauger told the House Transportation and Infrastructure Committee during a hearing on cybersecurity last month.

The marine transportation system, or MTS, is an integrated network of 361 ports and 25,000 miles of waterways and supports one quarter of U.S. GDP and one in seven American jobs, and “any substantial disruption to marine transportation can cause cascading effects, to our economy and to our national security.”

“Cyberattacks are a significant threat to the maritime critical infrastructure, and while we must continue to work to prevent attacks, we must also be clear-eyed that attacks will occur, and we must ensure that the MTS is resilient,” Mauger said. “Protecting maritime critical infrastructure and ensuring resiliency is a shared responsibility.”

That has included establishing Coast Guard Cyber Command, with cyber forces that “are manned, trained, and equipped in accordance with joint DoD standards, but have a broad range of authorities to address complex issues, spanning national defense and homeland security, including protecting the MTS.” USCG stood up a maritime cyber readiness branch within Coast Guard Cyber Command “as a focal point for maritime threat monitoring, information sharing, and response coordination.”

“The Coast Guard’s approach to protecting the MTS leverages our proven prevention and response framework,” he said. “To prevent incidents, we leverage our authorities in the nation’s ports to set standards and conduct compliance. We refer to this as cyber risk management, and require accountability, assessments, mitigations, exercises, and incident reporting. To prepare for and respond to cyber incidents, Coast Guard sectors are leading field-level exercises with Area of Maritime Security committees, and have established unified commands with FBI and CISA to lead the federal response to cyberattacks in the ports.”

“Cyberattacks will increasingly have physical impacts, beyond computer networks. By incorporating cybersecurity into our prevention and response framework, we provide a comprehensive, all-hazards approach to this threat, but we cannot do this alone. As the co-sector risk management for transportation, we look to both TSA and CISA as key partners.”

Mauger stressed that cybersecurity is “a shared responsibility with the private sector” and “collaboration with the industry is paramount, and focused on information sharing and good governance.” USCG established the National Maritime Security Advisory Committee “to facilitate consultation with industry on standards development” and works with the International Maritime Organization to address the risks posed by foreign vessels. “We are committed to a transparent approach, as we balance the urgency of cyberthreats with informed rulemaking,” he added. “The cyberthreat is dynamic.”

Asked for an update to the Coast Guard’s efforts to improve its own IT systems, the assistant commandant noted that the USCG “approach to protecting the maritime transportation system relies on us having our own ability to defend and operate our networks.”

“Through investments in the CARES Act, with over $65 million in funding, we’ve been able to make significant investments to modernize our infrastructure, and push more information out to our mobile users out in the field, and our cutters underway,” Mauger said. “But all of this is premised, our security is premised, on it being an operational imperative. And so the key thing that’s really driven us forward is the establishment of Coast Guard Cyber Command as an operational command, under the purview of a two-star commander, that oversees our daily mission execution in the IT space. And then the coordination with our CIO, who is driving those investment and modernization projects forward.”

At the port level, Mauger said the Coast Guard is “really focused on working across the prevention and response framework to ensure that we have the ability to defend and then also respond resiliently from attacks.”

“This is a shared responsibility between the private sector and the federal agencies involved, and so we’re doing a number of different things,” he said. “First of all, we put in standards in place that require them to conduct assessments, have an accountable person, develop a plan, mitigate that plan, exercise it, and report incidents. All those pieces are really important. Through those assessments, we then have the opportunity to drive investments through the Port Security Grant Program, to update security posture in the ports. And so last year, $17 million was allocated from the Port Security Grant Program for Cybersecurity.”

“Which side is winning, the increased cyberthreats or increased digital-based safety operational enhancements?” asked Rep. Bob Gibbs (R-Ohio). “How are we doing in this fight, who’s winning?”

“Congressman, it’s not an either/or proposition for us, it’s really an all-of-the-above,” Mauger replied. “And so as the Assistant Commandant for Prevention Policy, we make sure that we bring together the best of our ability to secure private industry, but then be able to respond as well.”

“And so, leveraging our prevention and response framework, we’ve made sure that we’ve taken a multilayered approach to engaging with the industry, sharing information with them at the local level, through the Area Maritime Security Committees, and conducting compliance activities,” he added. “And then at the national level, engaging across the interagency with our National Maritime Security Advisory Committee, with the MTS ISAC, and then with other interagency partners, to make sure that we’re tied together, and providing a comprehensive network, and comprehensive approach to this problem.”

Mauger emphasized to lawmakers that “overall risk management approach, within both the private sector and the federal government” requires accountability.

“You have to have an accountable person; they have to be able to do an assessment and to understand the risks,” he said. “They have to be empowered to manage those risks. And then it also comes back to exercising and reporting. Where it comes to reporting right now, we have to change the paradigm from ‘what is the minimum I need to disclose’ to ‘how can I help protect others’… these incidents cut across so many different infrastructures, and reporting really helps us to make us all stronger.”

Asked how threats and risk-management assistance is communicated to individual ports and throughout the MTS, Mauger replied that “unity of effort within the Coast Guard is part of our DNA, and so we take a multi-level approach to share information at the speed of cyber here with the industry.”

“But this is a dynamic threat environment, and going forward we need to use a combination of both existing tools and new tools, or new methods, to get after the information sharing,” he added. “So for this multi-level approach at the local level, we work through our Area Maritime Security Committees; each of those have established cyber subcommittees that are responsible for that day-to-day sharing of information, for conducting the exercises, for reviewing best practices and understanding how to move forward. Those same people then are integral to response efforts when they occur in the ports. At the national level, we work through a number of different means. We’ve established a maritime cyber readiness branch within our Coast Guard Cyber that really becomes a focal point for threat information dissemination, technical assistance in the field, and connection to the interagency.”

“We’ve embedded folks in CISA, we meet regularly with the other Sector Risk Management Agencies. We engage with the MTS’s information sharing and analysis center. And we look for every opportunity to continue to share information and communicate threats, and understand the vulnerabilities in this industry, so we can protect the MTS.”

Source: hstoday

Cyber attacks targeting the marine sector, and critical infrastructure more broadly, are growing rapidly across the world and in Asia. As the maritime industry undergoes rapid digitalization, ransomware attacks continue to escalate. In fact, hackers are narrowing their focus on organizations in the sector, which are seen as tempting targets due to a perceived lack of cyber security investment and potential for significant operational disruption.

The marine industry being an attractive target for hackers is not new. Since Maersk suffered a devastating US$300 million ransomware attack in 2017, the maritime industry has earned the unfortunate distinction of being the only sector to have all four of the world’s largest shipping companies being hit by cyber attacks in the last four years, namely – Maersk, Mediterranean Shipping Company, CMA CGM and COSCO.

As the industry strives for greater technological efficiency, new vulnerabilities emerge as a result of the growing integration of information and operational technology.

International and national regulatory organisations, as well as industry trade associations, take these threats seriously and call on ship owners and operators, charterers, ports, and other maritime businesses large and small to take action.

We offer technological and scientific expertise to assist you in safeguarding and advancing your critical interests. We are a trusted, independent advisor and security partner for clients who understand that cyber resilience can provide a competitive advantage in a highly regulated and crowded environment.

Source: hackersera

Maersk, MSC, IMO — there is no shortage of maritime security incidents and cyber attacks. As hackers become even more sophisticated in their tactics, it’s inevitable that maritime cyber attacks against OT on ships are becoming the norm rather than the exception. The stats speak for themselves:

Of respondents, 77% view maritime cyber-attacks as a high or medium risk to their organizations, yet only 64% said their organization has a business continuity plan in place to follow in the event of a cyber security incident. Only 24% claimed their security incidents plan was tested every three months, and only 15% said that it was tested every six to 12 months. Only 2 of 5 respondents said that their organization protects vessels from operational technology (OT) cyber threats, and some respondents went so far as to describe their company policy to OT cyber risk as “careless.”

It’s time for the maritime industry to take a look at every aspect of their ship operations to ensure they’re protected and resilient against these growing threats and attacks. Maritime security intelligence begins with a comprehensive understanding of the risks faced. Today’s maritime security incidents and cyber attacks will only grow with continued digitalization and future technological advances.

In this eBook, we will help you navigate the ins and outs of maritime cybersecurity, review security incidents and maritime cyber attacks, address cybersecurity challenges and compliance considerations, and get you geared up to establish your maritime cybersecurity action plan.

Source: missionsecure

Shipowners’ organisation Bimco has urged Nigeria to step up efforts to safeguard seafarers as more and more crew are kidnapped from vessels in the Gulf of Guinea. The plea from the Danish-headquartered body came as the Joint War Committee (JWC) of the Lloyd’s Market Association (LMA) redrew the listed extended risk area in the West Africa region.

Having covered only the exclusive economic zones (EEZs) of Togo, Benin and Nigeria north of latitude 3 degrees north since 2013, the update now includes areas further to the south and east between Lome in Togo and Cape Lopez in Gabon.

TradeWinds News spoke to Dryad Global’s team about the uptick in piracy incidents off West Africa as part of their research.

Analyst Munro Anderson, of security consultancy Dryad Global, told TradeWinds that some incidents are related to “criminal disputes and inter-syndicate activity. However, the evidence suggests this number is small,” he said.

“In addition, we see the increasing prevalence of incidents beyond the traditional heartlands of the Nigerian EEZ as being indicative of a growing trend of insecurity.”

Premiums also increasing

Chris Goddard, CEO, founder and underwriter of marine war risks at Vessel Protect, said additional premiums have increased in 2020 due to a proliferation of piracy in West Africa in both the marine war and kidnap and ransom market.

“The expansion of the Gulf of Guinea notification area is in direct response to the broadening of sustained attacks in the region which began increasing in 2019. The JWC’s decision will increase costs for shipowners operating in the region,” he added.

“However, those who widely adopt best management practice (BMP) and engage in risk mitigation measures such as transit risk assessments conducted by independent maritime security experts will continue to see preferable insurance terms over their peers.”

Source: channel16.dryadglobal

This role has a work from home option and candidate must be able to attend meetings on site as requested.

The Cyber Security Development Operations & Orchestration manager is responsible for supporting critical cyber security functions by orchestrating and automating alerts and processes, engaging in the use case development process, and managing cyber security technologies. This position is highly technical and requires a solutions-oriented person with a “can do attitude”.

Our ideal candidate will have the following:

• Experience administering security technology including: IDS/IPS and other network security tools, Anti-Virus / Anti-Malware, Endpoint intelligence tools, SIEM, Proxy, Forensic tools, DNS, Web Application Firewalls WAF, and Vulnerability Management tools.
• Certifications such as Splunk “power user” or above, CCNA or above, MCSA (Azure Security Engineer associate, Microsoft 365 Certified Security Administrator Associate, or other Microsoft Certifications), Linux certifications, CEH, GCIH, Python certifications.
• Ability to use programming languages such as Python, and PowerShell to automate processes, build APIs and enrich Incident Response alerts.
• Splunk skills including Dashboarding, Data Modeling, CIM compliance, and using SPL to write advanced searches.
• Knowledge of operating systems (Windows and Linux)
• Ability to provide cyber security support by planning, coordinating, integrating and synchronizing cyber defense and prevention activities, ensuring compliance with all applicable state and federal cyber laws and regulations
• Ability to Write Report to communicate Sutter Health’s risk profile impact to peers and management
• Knowledge of cyber security solutions, policies and technologies
• Knowledge of the lifecycle of a network threat and network vulnerability exploitation in a healthcare environment, including the anatomy of a cyber-attack
• Ability to use Internet Technologies including DNS, routing, SMTP, HTTP, DHCP, FTP, etc.
• Experience managing a highly technical team

Position Overview:
As a Cyber Security Manager, you will provide support and guidance to Sutter Health regions and affiliates to develop, implement, operate and manage the Cyber Security program and team. You will represent the Privacy & Information Security Department on project teams and initiatives and work with operations support teams to identify and recommend solutions on security-related issues. You will use your exceptional leadership skills to provide oversight over a broad range of security duties that require a high level of technical understanding. Additionally, you will be accountable to:

Manage the Cyber Security team and ensure Sutter Health is in compliance with information security and privacy laws
Oversee design, engineering, analysis, research, testing and monitoring
Assist in the development, implementation, and maintenance of Cyber Security solutions
Conduct investigations of potential or actual cyber security events and documents, and communicate the risks to executive leadership
Collaborate with Privacy & Information Security staff regarding the development and maintenance of Sutter Health’s Cyber Security program and policies
Serve as Cyber Security Manager and advisor to the Chief Privacy & Information Security Officer, the Executive Director of Cyber Security & Investigations and Sutter Health affiliates

You will work with all levels of staff and leadership and therefore must be able to interact effectively with broad and diverse groups. You should be well organized and be able to prioritize assigned work and convey complex technical topics into language and diagrams understandable to a wide audience.

Qualifications:
Bachelor’s Degree in Computer Science, Information Science or related field or equivalent education/experience
Certified Information Systems Security Professional (CISSP) required within 4 months of date of hire
10 or more years of experience as an IT Security professional with progressively responsible management duties in security solutions and compliance reporting
Proven technical background in systems and network security
Extensive experience with security software, incident response, disaster recovery, firewalls, and network monitoring
Proven experience managing and tracking large scale projects and coordinating/planning resource allocations while tracking commitments to insure on-time delivery
Demonstrated professional experience working with PCI, SOX and HIPAA compliance regulations and applying them to security monitoring and alerting practices
Proven experience working with STIX/TAXXI based Threat Monitoring and Intelligence integration with SIEM solutions
Significant experience engineering High Availability infrastructure solution designs

Preferred Qualifications:
Healthcare information technology industry experience

Source: ziprecruiter

Facing “very substantial threats against the maritime critical infrastructure every day,” the Coast Guard has operationalized cybersecurity and “made it part of our prevention and response framework to make sure that we’re getting after this threat at the speed and pace at which it demands,” USCG Assistant Commandant for Prevention Policy Rear Admiral John Mauger told the House Transportation and Infrastructure Committee during a hearing on cybersecurity last month.

The marine transportation system, or MTS, is an integrated network of 361 ports and 25,000 miles of waterways and supports one quarter of U.S. GDP and one in seven American jobs, and “any substantial disruption to marine transportation can cause cascading effects, to our economy and to our national security.”

“Cyberattacks are a significant threat to the maritime critical infrastructure, and while we must continue to work to prevent attacks, we must also be clear-eyed that attacks will occur, and we must ensure that the MTS is resilient,” Mauger said. “Protecting maritime critical infrastructure and ensuring resiliency is a shared responsibility.”

That has included establishing Coast Guard Cyber Command, with cyber forces that “are manned, trained, and equipped in accordance with joint DoD standards, but have a broad range of authorities to address complex issues, spanning national defense and homeland security, including protecting the MTS.” USCG stood up a maritime cyber readiness branch within Coast Guard Cyber Command “as a focal point for maritime threat monitoring, information sharing, and response coordination.”

“The Coast Guard’s approach to protecting the MTS leverages our proven prevention and response framework,” he said. “To prevent incidents, we leverage our authorities in the nation’s ports to set standards and conduct compliance. We refer to this as cyber risk management, and require accountability, assessments, mitigations, exercises, and incident reporting. To prepare for and respond to cyber incidents, Coast Guard sectors are leading field-level exercises with Area of Maritime Security committees, and have established unified commands with FBI and CISA to lead the federal response to cyberattacks in the ports.”

“Cyberattacks will increasingly have physical impacts, beyond computer networks. By incorporating cybersecurity into our prevention and response framework, we provide a comprehensive, all-hazards approach to this threat, but we cannot do this alone. As the co-sector risk management for transportation, we look to both TSA and CISA as key partners.”

Mauger stressed that cybersecurity is “a shared responsibility with the private sector” and “collaboration with the industry is paramount, and focused on information sharing and good governance.” USCG established the National Maritime Security Advisory Committee “to facilitate consultation with industry on standards development” and works with the International Maritime Organization to address the risks posed by foreign vessels. “We are committed to a transparent approach, as we balance the urgency of cyberthreats with informed rulemaking,” he added. “The cyberthreat is dynamic.”

Asked for an update to the Coast Guard’s efforts to improve its own IT systems, the assistant commandant noted that the USCG “approach to protecting the maritime transportation system relies on us having our own ability to defend and operate our networks.”

“Through investments in the CARES Act, with over $65 million in funding, we’ve been able to make significant investments to modernize our infrastructure, and push more information out to our mobile users out in the field, and our cutters underway,” Mauger said. “But all of this is premised, our security is premised, on it being an operational imperative. And so the key thing that’s really driven us forward is the establishment of Coast Guard Cyber Command as an operational command, under the purview of a two-star commander, that oversees our daily mission execution in the IT space. And then the coordination with our CIO, who is driving those investment and modernization projects forward.”

At the port level, Mauger said the Coast Guard is “really focused on working across the prevention and response framework to ensure that we have the ability to defend and then also respond resiliently from attacks.”

“This is a shared responsibility between the private sector and the federal agencies involved, and so we’re doing a number of different things,” he said. “First of all, we put in standards in place that require them to conduct assessments, have an accountable person, develop a plan, mitigate that plan, exercise it, and report incidents. All those pieces are really important. Through those assessments, we then have the opportunity to drive investments through the Port Security Grant Program, to update security posture in the ports. And so last year, $17 million was allocated from the Port Security Grant Program for Cybersecurity.”

“Which side is winning, the increased cyberthreats or increased digital-based safety operational enhancements?” asked Rep. Bob Gibbs (R-Ohio). “How are we doing in this fight, who’s winning?”

“Congressman, it’s not an either/or proposition for us, it’s really an all-of-the-above,” Mauger replied. “And so as the Assistant Commandant for Prevention Policy, we make sure that we bring together the best of our ability to secure private industry, but then be able to respond as well.”

“And so, leveraging our prevention and response framework, we’ve made sure that we’ve taken a multilayered approach to engaging with the industry, sharing information with them at the local level, through the Area Maritime Security Committees, and conducting compliance activities,” he added. “And then at the national level, engaging across the interagency with our National Maritime Security Advisory Committee, with the MTS ISAC, and then with other interagency partners, to make sure that we’re tied together, and providing a comprehensive network, and comprehensive approach to this problem.”

Mauger emphasized to lawmakers that “overall risk management approach, within both the private sector and the federal government” requires accountability.

“You have to have an accountable person; they have to be able to do an assessment and to understand the risks,” he said. “They have to be empowered to manage those risks. And then it also comes back to exercising and reporting. Where it comes to reporting right now, we have to change the paradigm from ‘what is the minimum I need to disclose’ to ‘how can I help protect others’… these incidents cut across so many different infrastructures, and reporting really helps us to make us all stronger.”

Asked how threats and risk-management assistance is communicated to individual ports and throughout the MTS, Mauger replied that “unity of effort within the Coast Guard is part of our DNA, and so we take a multi-level approach to share information at the speed of cyber here with the industry.”

“But this is a dynamic threat environment, and going forward we need to use a combination of both existing tools and new tools, or new methods, to get after the information sharing,” he added. “So for this multi-level approach at the local level, we work through our Area Maritime Security Committees; each of those have established cyber subcommittees that are responsible for that day-to-day sharing of information, for conducting the exercises, for reviewing best practices and understanding how to move forward. Those same people then are integral to response efforts when they occur in the ports. At the national level, we work through a number of different means. We’ve established a maritime cyber readiness branch within our Coast Guard Cyber that really becomes a focal point for threat information dissemination, technical assistance in the field, and connection to the interagency.”

“We’ve embedded folks in CISA, we meet regularly with the other Sector Risk Management Agencies. We engage with the MTS’s information sharing and analysis center. And we look for every opportunity to continue to share information and communicate threats, and understand the vulnerabilities in this industry, so we can protect the MTS.”

Source: hstoday