Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: http://uscgproceedings.epubxp.com/i/436751
54 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings A second group, which includes facility security offcers and facility information technology personnel, Coast Guard information technology and port security specialists, and FBI and Secret Service agents, addresses cybersecurity's technical side. This group also has signifcant membership crossover with the offcial AMSC facility security offcer subcommittee, enabling direct appropriate information fow from this group into the area maritime security committee, as a whole. The Way Forward The federal government cannot address MTS cybersecurity vulnerabilities and risks in a vacuum. We must continue outreach to all levels of government and industry, initiate discussions with port partners, and harness industry best practices to overcome cybersecurity threats. At the same time, Coast Guard leadership is refning internal priorities, intelligence collection processes, response protocols to cyber incidents, and information sharing procedures to ensure that cyber threat information reaches the correct parties for analysis and action. About the author: LCDR Maureen Johnson is a 2001 graduate of the U.S. Coast Guard Acad emy. A career prevention specialist, she has worked in facility and vessel inspections, port security, marine casualty and suspension and revocation investigations, aids to navigation, and waterways management. She has a master's degree in Leadership, Disaster Preparedness and Crisis Manage ment from Grand Canyon University. Endnotes: 1. Available at www.dhs.gov/national-infrastructure-protection-plan. 2. Captain of the Port authority is described in 33 CFR Subchapter P, the implement- ing regulations of the Ports and Waterways Safety Act, 33 USC 1221. As such, the COTP enforces regulations that protect vessel, harbor, and waterfront facility security, and holds authority, including over anchorages, security zones, safety zones, regulated navigation areas, ports, waterways and deepwater ports. 3. Federal maritime security coordinator is an additional title given to the captain of the port. It is not an entirely separate authority. With the title comes the authoriza- tion to establish and administer the AMSC and plan, as outlined in 33 CFR 103.205. 4. Energy Department Develops Tool with Industry to Help Utilities Strengthen Their Cybersecurity Capabilities. June 28, 2012. Available at http://energy.gov/ articles/energy-department-develops-tool-industry-help-utilities-strengthen- their-cybersecurity. Cyber Threat Information Management In August 2013, the U.S. Coast Guard released information stating that the ofcial way to report cybersecurity inci- dents/breaches to the agency is via the National Response Center (NRC). This is wholly appropriate, as industry is already well familiar with the reporting protocol to the National Response Center. Before then, cyber incident reporting had been rare. Between 2010 to 2013, fewer than fve incidents were reported to the Coast Guard, since reporting has not been mandatory, unless the cyber incident leads to a transportation secu- rity incident. Moreover, minimal reporting could be due to any of several factors, including lack of awareness that cyber inci- dents should be reported to NRC, lack of facilities actually monitoring the integrity of their cyber system secu- rity, failure of industry information technology personnel to communicate breaches to the facility/vessel security ofcers, and /or lack of recognition of the risks inherent in cyber systems. Existing information sharing pathways throughout the Coast Guard and with port partners are largely appropriate for handling the sharing of cyber threat information, with a few modifcations that are currently underway. When NRC receives a cybersecurity inci- dent report, it is immediately relayed to the proper Coast Guard sector and CG Cyber Command and then to the Intel- ligence Coordination Center. The sector may investigate and develop an intel- ligence report and transmit it to the Maritime Intelligence Fusion Center and /or the district intelligence ofce, and ofce personnel may issue an intel- ligence product to inform future oper- ational decision making. Finally, the National Cybersecurity and Commu- nications Integration Center, the DHS National Operations Center, and any applicable local fusion center, as well as pertinent state and local agencies, may receive the incident report. Co a s t G u a r d l e a d e r s r e co g n i z e c yber se curit y incident s must be treated with confdentiality, otherwise the maritime industry may be reluc- tant to report any security breaches. Depending on the nature of the breach, information contained in a report may identify signifcant vulnerabilities in a company's system or protocols. There- fore, procedures for sharing sensi- tive information among necessar y parties must ensure that it is carefully controlled at all cognizant govern- ment ofces, without unduly hindering sharing by adding a "secret" or higher classifcation. Coast Guard personnel also post cybersecurity policy, threat informa- tion, and best practices on Homeport for industry partners with granted access. Reach the National Response Center at (800) 424-8802.