How Industry Feedback is Shaping Maritime Cybersecurity Regulations
The US Coast Guard (USCG) is charting a course towards more secure waters with proposed cybersecurity regulations for US-flagged vessels. Industry feedback is playing a crucial role in shaping these regulations, with comments highlighting concerns about burden, practicality, and alignment with existing measures. The USCG recognizes the increasing reliance on cyber-connected systems in the maritime industry. While they enhance operational efficiency, they also expose vulnerabilities. The Colonial Pipeline hack in Spring 2021 serves as a stark reminder of the potential consequences of cyberattacks.
What are the industry's main concerns?
- Burden on Smaller Companies: Smaller companies, like those in tug and barge operations, lack large IT departments and rely on external consultants. They request risk-based plans tailored to their specific needs.
- Alternative Security Plans: Industry groups like the American Waterways Operators (AWO) propose incorporating cybersecurity into existing security plans to avoid duplication.
- Streamlined Reporting: Concerns exist about excessive reporting requirements. Industry suggests establishing thresholds for reportable incidents and streamlining reporting through the National Response Center.
- Cybersecurity Officers: The proposed regulations mandate cybersecurity officers on every vessel. Industry argues this may not be practical and suggests alternative approaches.
- Drill Frequency: The proposed frequency of cybersecurity drills is seen as excessive by some.
Major shipping lines like Maersk Line are calling for clear, standardized, and risk-based regulations that leverage existing best practices. They advocate for a balance between security and practicality.
The USCG issued a Notice of Proposed Rulemaking (NPRM) regarding cyber security for US-flagged vessels in late February 2024. The comment period has now closed, and the USCG is currently reviewing industry comments. The final regulations are expected to be a well-charted course, incorporating industry feedback to ensure effective and practical measures that safeguard the maritime industry from cyber threats.
#Cybersecurity #USCG #ShippingIndustry #Shipping #MaritimeCybersecurity #MaritimeSafety
Non Executive Director at Saga Shipping A/S
3wGreat to see a conference on "Safety" - I thought it had been lost to net zero ambitions!!