By Ira Breskin – NEW YORK –The local Coast Guard unit now is implementing critical lessons learned from a recently completed turbocharged cybersecurity review.
That’s the message delivered by two-sector New York Coast Guard officers to more than 100 attendees at the 13th annual Marine Insurance Day hosted here earlier this month by the American Institute of Marine Underwriters.
What spurred Coast Guard New York to refocus on cybersecurity was a recent, troubling incident. In March 2019, a 1,000 foot LOA, US-flagged container ship inbound to the Port of New York and New Jersey issued a Cyber Safety Alert, perhaps the first-ever
The unrealized threat: the vessel’s shipboard network had been disabled. Such threats should be reported under the terms of the Maritime Transportation Security Act of 2002.
While a subsequent investigation by federal and local agencies determined that the incident was benign, local USCG personnel nevertheless redoubled security efforts given the serious potential threat, said. Lt. Emily Miletello, an attorney.
Similarly, the Port of Los Angeles plans to start what is labeled the first-of-its kind-cyber resilience center to mitigate port-related security risks. It has issued a Request for Proposal.
“This is uncharted territory. [Response] capabilities are rapidly evolving,” Miletello said. “The maritime industry lags behind other industries,” she said.
Also, cyber-security specific domestic and international regulations still are formative.
Sector New York USCG immediately responded to the March incident by emphasizing Cyber Hygiene 101. Recommended practices include segmenting portions of a ship’s communication network and discouraging a crew’s liberal use of unvetted data storage devices.
Subsequent USCG actions included increasing “cyber seaworthiness” by convening meetings to learn cybersecurity best practices from local industry sectors, such as financial services and health care, and other government agencies.
“New York is so robust. It has lots of resources,” Miletello said.