Proceedings Of The Marine

WIN 2015

Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.

Issue link: http://uscgproceedings.epubxp.com/i/436751

Contents of this Issue

Navigation

Page 66 of 94

64 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings NRC if these organizations receive some tangible beneft from reporting. It is the duty of the public sector, including elements at all levels of government, to establish response plans to cyber incidents so recovery plans are in place. Suc- cessful mitigation and recovery will lead to future report- ing, which better arms the government with information about attacks. This reporting and recovery cycle continues to feed itself, creating the best scenario for the most up-to- date threat information, combined with the best possible tools to respond to such threats. Although it remains perceptibly different from physical security in the eyes of many in the emergency preparedness communities, cybersecurity follows all the same require- ments when it comes to recovery. Instead of framing cyber as its own problem with its own solutions, it is necessary for local communities to address the issue head-on and compre- hensively, knowing that cyber insecurities can create physi- cal problems. Without preparing for the future effectively, we will simply be unsuccessful when it comes to recovery. About the author: Mr. Weston R. Laabs is an intelligence operations specialist at U.S. Coast Guard Sector Lake Michigan. In this capacity, he functions as the sector intelligence staff cybersecurity specialist. Prior to this position, he served as an intelligence analyst with the Michigan Intelligence Operations Cen ter, Michigan's DHSsponsored fusion center. He holds a master's degree in law enforcement intelligence and analysis and a bachelor's degree in interna tional relations from Michigan State University. Endnotes: 1. Visit www.computerworld.com/article/2475227/cybercrime-hacking/hack-in- the-box--researchers-attack-ship-tracking-systems-for-fun-and-proft.html. 2. A hacktivist is a computer hacker whose activity is aimed at promoting a social or political cause. 3. See www.uscg.mil/d8/msuBatonRouge/mtsa.asp. Bibliography: Cyber Security and the Marine Transportation System (MTS). ALCOAST 122/14. Wash- ington, DC: U.S. Coast Guard, 2014. Available at www.uscg.mil/announcements/ alcoast/122-14_ALCOAST.txt. The Maritime Transportation Security Act of 2002. Available at www.gpo.gov/fdsys/pkg/PLAW-107publ295/pdf/PLAW-107publ295. pdf. immediately causing the audience to tune out is to relay cyber as a method, not a target. Cyber incident reporting needs to be secured and han- dled separately than other suspicious activity reports. The Department of Homeland Security has time-tested abilities to receive and report on cyber-specifc incidents without compromising public trust of the reporting organization. Actionable intelligence is not derived from the name of a victim; instead, the bad actor's tactics, techniques, and procedures are the real substance of any report. Specifc attacking IP addresses, intrusion methods, and malware flenames, and hashes are extremely useful to organiza- tions trying to secure systems from attack. Assuring timely actionable technical information reporting related to cyber attacks will offer cross-sector personnel the best chance to mitigate the same or similar attacks against their own net- work infrastructures. Embracing Changes Cyber crime is not going away. In the homeland security and emergency management worlds, there are constant responses to new threats and challenges, including radia- tion detection equipment, anthrax awareness, and active shooter training. All have been recently promoted as neces- sities to improve resilience among frst responder communi- ties. However, unlike these evolving threats and challenges, cybersecurity is deeply interwoven into almost all aspects of life. From our basic utilities to our communications plat- forms, all are dependent upon functioning cyber platforms. As cyber continues to grow in importance, investing in its security is the best chance we have to remain one step ahead of the criminals and hacktivists attempting to uproot the system. Therefore, to keep up with emerging cyber technol- ogy and threats, constant interaction between the public and private sectors is critical, but cannot remain as one-sided as it has in the past. MTSA-regulated and other critical infra- structure facilities will only report cyber breaches to the

Articles in this issue

Links on this page

Archives of this issue

view archives of Proceedings Of The Marine - WIN 2015