It’s football season, and I hope you all will help Ed by cheering on the Buffalo Bills, who will doubtless go to the Super Bowl this year.  Just ask him!

In between games, give some thought to cybersecurity, where the goalposts always seem to be moving.  Most of us find the combination of ever-evolving threats and countless new standards overwhelming.

Here at Seebald & Associates, we keep in close contact with cybersecurity experts at the U.S. Coast Guard, and at the Cybersecurity and Infrastructure Security Agency (CISA), to provide you with the best, most credible advice on how to manage your cybersecurity risks while meeting Coast Guard requirements.

CISA recently published “Cross-Sector Cybersecurity Performance Goals”.  This document, which is written in plain language, is a set of voluntary core cybersecurity practices.  It is intended to reduce risk for both individual organizations and our nation’s critical infrastructure.  You can access the document at https://www.cisa.gov/cpg.

The U.S. Coast Guard is encouraging vessel and facility operators to consider these performance goals.  You can read the Coast Guard’s information on this topic at https://mariners.coastguard.blog/2022/11/08/cisa-releases-cross-sector-cybersecurity-performance-goals/

According to CISA, these performance goals can help address the concerns of small and medium-sized businesses that struggle to know where to focus and invest their scarce cybersecurity resources.  Our cybersecurity experts at S&A agree that this is a valuable addition to the best practices developed by CISA, and jointly promulgated with the Coast Guard.

Cybersecurity really does have moving goalposts.  But to make that touchdown every time for our clients, Seebald & Associates constantly updates our training aids, audit checklists, and Facility Security Assessment processes to reflect current standards and best practices.  The audit we provide next year will be different from this year’s, especially in cyber.  This is how we ensure that your security programs provide meaningful security that reduces compliance, operational, and reputational risk. 

For all the latest in cyber and other security issues, be sure to attend our upcoming Security Symposium, 30 January – 2 February 2023 in Tampa, FL.  We’ll have an impressive list of senior Coast Guard and industry experts who will address cybersecurity, TWIC, preparing for protest activity, security guard management, and more.  To register and for more information, go to https://fsosymposium.com/.

Further Delay to the TWIC Reader Rule

Below is the excerpt from the Office of Information and Regulatory Affairs outlining the Coast Guard’s intentions with a further delay for the TWIC reader rule to May 8, 2026.

On August 23, 2016, the Coast Guard issued a final rule, requiring owners and operators of certain vessels and facilities regulated by the Coast Guard to conduct electronic inspections of Transportation Worker Identification Credentials (TWICs) as an access control measure (81 FR 57651).  On March 9, 2020, Coast Guard published a final rule, delaying the effective date of the 2016 TWIC reader rule for three categories of facilities (85 FR 13493).  This rulemaking would further delay portions of the August 2016 final rule.  The Coast Guard would delay the effective date for the three categories of facilities by at least an additional 3 years (until May 8, 2026) or later depending on the outcome of the Homeland Security Operational Analysis Center (HSOAC) study and consideration of public comments.  The study is estimated to be completed no earlier than June 2022.

The three facility categories that would be delayed are:

  1. Facilities that handle certain dangerous cargoes in bulk, but do not transfer those cargoes to or from a vessel
  2. Facilities that handle certain dangerous cargoes in bulk, and do transfer those cargoes to or from a vessel
  3. Facilities that receive vessels carrying certain dangerous cargoes in bulk, but do not, during that vessel to facility interface, transfer those bulk cargoes to or from said vessels

You can read the entire rule intentions at:  View Rule (reginfo.gov)

[Images: TLP:GREEN Maritime Cyber Alert 02-22, Log4Shell (5 images)]

[Images: USCG MSIB 02-22, Cybersecurity (2 images)]

Cyber Threat

In the past month, the Cybersecurity and Infrastructure Security Agency (CISA) has published a series of alerts and advisories related to cyber threats to U.S. critical infrastructure from Russian state-sponsored cyber operations.  In some cases, these advisories have been jointly released by CISA, the Federal Bureau of Investigation, and the National Security Agency.  Coast Guard Captains of the Port and Area Maritime Security Committees have also distributed these advisories to port partners.

We are continuing that process to be sure that all Seebald & Associates clients are aware of the threat, and the actions you can take to improve your preparedness.

I also want to be sure that everyone understands why conflicts thousands of miles from our borders could be a threat to your operations and security.

First, state-sponsored cyber attackers may target U.S. infrastructure in retaliation for any actions the U.S. takes as part of this conflict.

Second, the nature of malware is that it moves quickly from targeted to non-targeted systems, with no need for additional human direction.  From the attacker’s perspective, the harm to third parties is simply a bonus.

Third, recognize that cyber disruptions to your systems, whatever their origin, may increase your vulnerability to cyber and non-cyber attacks.  This could be due to degraded security systems, such as cameras and sensors, or simply because leadership and frontline personnel alike are focused on other areas.

Some of the most relevant advisories on this topic include:

Russia Threat Advisory, https://www.cisa.gov/uscert/russia

Understanding Russian Threats, https://www.cisa.gov/uscert/ncas/alerts/aa22-011a

“Shields Up”, https://www.cisa.gov/shields-up

CISA/FBI/NSA Joint Advisory, https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/cisa-fbi-and-nsa-release-cybersecurity-advisory-russian-cyber

Current Activity:  https://www.cisa.gov/uscert/ncas/current-activity

So take the time now to discuss security with your physical and cyber security personnel alike.  Ensure your cybersecurity personnel are fully aware of the risk and have taken action appropriate to your network.  Ensure physical security personnel are also aware and alert for suspicious activity and other security concerns.

As always, please contact Seebald & Associates for all your security needs.