Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/436751
16 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings Technologies and security programs that satisfy the desig- nation-level requirements receive risk management protec- tions, including liability caps at the amount for which the entity is insured, exclusive jurisdiction in federal court, and bars against punitive damages and prejudgment interest. Technologies and security programs with the higher cer- tifcation-level receive all the benefts of designation, with the added beneft of providing immunity from third-party liability arising from an act of terrorism. 6 Also, SAFETY Act approval could arguably reduce potential cyber liabilities that do not arise out of an act of terrorism by demonstrating that the organization took reasonable mea- sures to minimize or mitigate a reasonable threat through its cybersecurity program, which has been vetted and deemed effective under the SAFETY Act. 7 Cybersecurity Insurance Finally, cybersecurity insurance has evolved in recent years to cover many of the contingencies that may occur as a result of cybersecurity incidents. It may be purchased as a stand- alone product or, in some cases, as part of a comprehen- sive policy. Those who operate ports, marine terminals, and other critical infrastructure businesses should closely exam- ine their comprehensive policies with counsel to determine whether they cover cybersecurity incidents and losses. to further reduce liability risk for cyber-related incidents are protection under the SAFETY Act and cybersecurity insurance. The SAFETY Act The Support Anti-Terrorism by Fostering Effective Technol- ogies (SAFETY) Act 4 allows businesses that sell anti-terror- ism products, services or technologies, or that develop and implement their own cyber or physical security technolo- gies, to mitigate a signifcant portion of their cyber-related risk by capping or even eliminating third-party liability arising out of designated "acts of terrorism." 5 The SAFETY Act provides two levels of protection — desig- nation and certifcation. The process requires initial regis- tration with the Department of Homeland Security (DHS), an optional pre-application process that includes DHS pre- application evaluation and a full DHS application review. The process can be lengthy and information intensive. For this reason, it is helpful to obtain legal advice and assistance to understand the act's nuanced benefts and requirements and to navigate the pre- and post-award processes. Designa- tion and certifcation levels are valid for fve years and are subject to renewal in fve-year increments thereafter. It is important that ports conduct cyber vulnerability assessments. Anek_s / iStock / Thinkstock