Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: https://uscgproceedings.epubxp.com/i/436751
14 Proceedings Winter 2014 – 2015 www.uscg.mil/proceedings The Maritime Industry Of course, the maritime industry must be part of this effort to protect the economy and national security, and it must continue to provide innovative risk reduction and mitiga- tion activities, as well as comprehensive maritime security and communication strategies. These strategies will be most effective if developed through collaboration with stake- holder partners and in accordance with applicable policies, procedures, laws, and directives. While the C 3 Voluntary Program was recently launched as a new program within the DHS Offce of Cybersecurity and Communications, it is really an extension and refocus- ing of the department's long experience in working with industries across the country to transform their outlook on cybersecurity. The program reinforces DHS's larger risk- reduction mission and emphasizes the importance of an all-hazards enterprise risk management approach. DHS invites maritime facilities and organizations to join the program and take advantage of its technical assistance, tools, and resources to ensure a more resilient critical infra- structure for a more resilient nation. In time, we hope the program will serve as a blueprint to sustain this interest in cybersecurity across the country. About the author: Mr. Thad Odderstol is the program director for the Industry Engagement and Resilience branch within the Department of Homeland Security's Offce of Cybersecurity and Communications. The Industry Engagement and Resilience branch serves as the sector-specifc agency to the information technology and communications sectors and provides guidance and exper tise to the crosssector critical infrastructure security and resilience com munity to address National Infrastructure Protection Plan cybersecurity requirements. Endnotes: 1. See www.bloomberg.com/news/2014-02-25/rolls-royce-drone-ships-challenge- 375-billion-industry-freight.html. 2. Executive Order 13636 Improving Critical Infrastructure Cybersecurity and Presiden- tial Policy Directive-21 Critical Infrastructure Security and Resilience. 3. Available at www.nist.gov/cyberframework. Additionally, the program will engage with sector-specifc agencies and organizations to develop guidance on how to implement the Framework for Improving Critical Infra- structure Cybersecurity, and then broaden the program's reach to all critical infrastructure and businesses of all sizes that are interested in using it. The critical infrastructure cyber community will share resources and lessons learned and build a sustained com- munity of interest around cyber risk, via C³. As more people become interested and want to reduce cyber risk to their organizations, this community will include a broader range of stakeholders. The vision is to offer a place for industry, state and local governments, and many other organizations to convene and discuss evolving cyber risk management needs and forge solutions. The Critical Infrastructure Cyber Community Voluntary Program features more than 30 DHS programs and tools, including a comprehensive program overview, download- able tools, and outreach materials, all available online at www.dhs.gov/ccubedvp and www.us-cert.gov/ccubedvp. Outreach For example, companies and organizations may download an outreach and messaging kit that includes informational materials for easy printing and/or electronic distribution to help educate stakeholders regarding C 3 and a slick sheet for chief executive ofcers and other leaders regarding cyber risk management. Cyber Resilience Review The DHS Cyber Resilience Review (CRR) is a voluntary, non- technical assessment that evaluates an organization's opera- tional resilience and cybersecurity practices. The CRR assesses enterprise programs and practices across a range of 10 domains, including risk management, incident management, and service continuity. It maps to the Frame- work for Improving Critical Infrastructure Cybersecurity, and allows users to conduct a self-assessment or access an on-site assessment that DHS cybersecurity professionals facilitate. To learn more about the CRR or to download tools, visit www. us-cert/gov/ccubedvp. Online Resources For more information: To join the C 3 Voluntary Program or learn more about upcoming events, please visit www.dhs.gov/ccubedvp or www.us-cert.gov/ccubedvp or email the program at CcubedVP@hq.dhs.gov