USCG: Cyber security continues to be a key focus area

Challenges

#1 Impacts of COVID-19

• COVID-19 and the associated social distancing requirements created challenges for inperson AMSC meetings and exercises.
• Industry and governmental partners were increasingly reliant on virtual platforms which accommodated attendee schedules but were not ideal for developing and maintaining relationships.
• The virtual environment introduces security concerns depending on the nature of the discussion.

#2 Cybersecurity and the MTS

• Public and private sectors are challenged to find a trained and experienced cyber workforce.
• Some AMSCs noted current cyber incident reporting requirements and enforcement capability for failing to report are not sufficient.
• A number of AMSCs also stated the maritime industry is concerned with maintaining privacy after making a report as information is shared across government.
• AMSCs also noted they regularly receive the same cybersecurity alerts, warnings, and general information from multiple agencies.

#3 Unmanned Aircraft Systems (UAS) access to the MTS

• UAS intrusions over MTSA regulated facilities continue to generate questions and concerns, and AMSCs feel UASs are a serious threat to maritime safety and security.
• AMSCs report that the existing federal legislation aimed at reducing the risk of UAS to port areas has been largely ineffective, and all levels of law enforcement lack the authority, policies, and equipment to identify and safely interdict unauthorized UAS.

Suggestions

The AMSC reports identified many helpful and practical suggestions highlighted below.

#1 Cybersecurity/Cyber Risk Management

• AMSCs suggested CG Cyber Command and the Office of Port and Facility Compliance (CG-FAC) should establish a uniform way to communicate cyber alerts and advisories.
• Others suggested to provide approved cybersecurity training for AMSC members, which would outline the roles of the Coast Guard in regards to cyber incident response efforts.
• AMSCs should also start to discuss the expected emerging technology in the next few years (e.g., integration of 5G networks) and start to develop mitigation strategies.

#2 Homeport 2.0

• Homeport 2.0 is difficult to navigate and some AMSCs suggested an overhaul of Homeport that ensures the secure side of the Homeport is more accessible and userfriendly.
• AMSCs would benefit from training on the functions of Homeport 2.0 and a more comprehensive user guide.
• AMSCs also suggested using alternate platforms such as the Homeland Security Information Network (HSIN) Community of Interest forum to encourage AMSC participation.

#3 UAS

• AMSCs suggested the Coast Guard and Department of Homeland Security (DHS) support new state and local legislation, or the modification of current federal legislation, to provide federal, state, and local law enforcement with the tools to interdict and prosecute cases where maritime infrastructure and key assets are at risk from UASs.
• An AMSC recommended a Nationwide AMSC UAS forum, similar to the National AMSC Cyber Subcommittee.
• AMSCs also feel the Coast Guard should explore adding MTSA-regulated facilities to the Federal Aviation Administration (FAA) flight restriction list and implement across the country.
• The Coast Guard should also provide training on Counter-UAS technology and enforcement tools and capabilities.

#4 Active Shooter (AS)/Active Threat (AT) Incidents

• AMSCs note that AS/AT situations continue to increase nationwide. AS/AT in the Maritime Domain is now a major concern as ferry systems and maritime based attractions are potential targets.
• AMSCs recommended national-level policy to address the disparities between Coast Guard and local law enforcement use of force, which can hinder the creation of local level AS/AT plans and training.

#5 Restructure the PSGP

The current structure of the PSGP has the project investment justifications (IJs) from MTSA-regulated entities (potential terrorist targets), competing against IJs from emergency response agencies who would try to aid them following a Transportation Security Incident.

EXPLORE MORE AT AMSC’S REPORT