NATONAL CYBERSECURITY AWARENESS MONTH OCTOBER 2019

“OWN IT, SECURE IT, PROTECT IT”

Attention all Facility and Company Security Officers, the month of October 2019 is National Cybersecurity Awareness Month (NCSAM).  To help promote awareness activities, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the National Cyber Security Alliance (NCSA), have co-published a Toolkit to help us all “#BeCyberSmart”.  The overarching theme for this year is “OWN IT, SECURE IT, PROTECT IT”- and will focus on key areas including citizen privacy, consumers devices, and e-commerce security.

The 2019 Toolkit has Top Tips to share during NCSAM; Engagement Ideas, Criteria for Hosting a NCSAM Partner Event and other useful Cybersecurity Initiatives.  In this day and time cybersecurity threats are REAL!  There are numerous incidents where maritime facilities and companies have been attacked in recent years and the damages are “catastrophic” in cost, downtime and loss of customer trust.  

To access a free copy of the NCSAM 2019 Toolkit, simply click on the link and print or download;

https://niccs.us-cert.gov/sites/default/files/documents/pdf/dhs_ncsam2019_toolkit_508c.pdf?trackDocs=dhs_ncsam2019_toolkit_508c.pdf

Cybersecurity is everyone’s responsibility!  Let Seebald & Associates be your partner in cybersecurity.  We work with our trusted partner, MAD Security, to provide cyber assessments, virtual Chief Information Security Officer (vCISO) functions, and 24/7/365 network monitoring, intrusion detection, vulnerability scanning, and log correlation.  Contact Cliff Neve at This email address is being protected from spambots. You need JavaScript enabled to view it. or 540 809 8549 for more information.  Also, be on the lookout shortly for the monthly Seebald & Associates Monthly Drill reminder for October 2019 which will focus on an element of Cybersecurity that you can conduct within your organization!  “OWN IT, SECURE IT, PROTECT IT”.

Hopefully you view your vessel or Facility Security Plan (FSP) as an important part of your overall security program.  But do you know how those plans fit into The Big Picture?  Believe it or not, you are an integral part of our nation’s overall strategy to protect critical infrastructure and our Homeland.

One step up from an individual FSP is the local Area Maritime Security Plan.  This plan, written by the Area Maritime Security Committee (AMSC), helps guide the Coast Guard Captain of the Port on addressing security issues across the port area. 

AMSC’s are made up of private sector representatives as well as various government officials, so you could be a member or simply participate in AMSC meetings if you’d like to contribute beyond your own fence line or gunwale.  Check the list of AMSC contact points here, or we at S&A would be glad to introduce you to your local AMSC coordinator at any time.   

Those AMSPs feed into higher level maritime security plans, and contribute to plans and strategies at the Department of Homeland Security level.  The National Infrastructure Protection Plan (or “NIPP”) organizes critical infrastructure into various Sectors (energy, transportation, healthcare, etc.), and lays out information sharing and partnership frameworks to counter broad threats, such as terrorism, natural disasters, and cyber. 

Very recently, DHS published their Strategic Framework for Countering Terrorism and Targeted Violence.  One of its goals is to Enhance U.S. Infrastructure Protections and Community Preparedness.  Outside of the Coast Guard and DHS, there are other strategies of interest.  For example, the National Cyber Strategy specifically addresses maritime cyber security. 

These plans and strategies don’t solve all of our security problems, but they do represent hard working public servants and private sector contributors working to protect our nation.  At Seebald & Associates, we are proud to work with the many patriots in the maritime industry to do our part in this worthy goal. 

As reported in numerous media accounts, coordinated drone strikes have caused extensive damage to crude oil production facilities in Saudi Arabia. 

Seebald & Associates has no reason to believe that similar attacks are planned against U.S. oil facilities.  Any such warning would come from the Department of Homeland Security, the U.S. Coast Guard, or Federal Bureau of Investigation.  Nonetheless, there are actions U.S. maritime facilities can take to better prepare for attacks in the United States, should they occur.

  • Ensure your personnel are alert for drone activity near your facility or vessel.  Report any drone sightings to the National Response Center at 1-800-424-8802, and to your local Coast Guard Captain of the Port.  Terrorists are known to conduct surveillance and to rehearse planned attacks.  Reporting enables law enforcement and intelligence agencies to take prompt action, potentially interrupting or stopping a planned attack. 

  • The Federal Aviation Administration (FAA) describes drones as “Unmanned Aircraft Systems” (UAS).  For information on FAA rules pertaining to UAS, visit https://www.faa.gov/uas/.

  • Review your MARSEC procedures and other contingency plans.  A drone attack could result in deaths, injuries, fire, pollution, or damage to critical infrastructure.  Well thought out contingency plans can save lives and help you return to business quickly.  S&A can help you develop contingency plans that meet your business and security needs.    

  • After reviewing your plans, conduct a drill or exercise.  If properly documented, this could count as one of your Coast Guard required drills or exercise. 

  • Review your Facility Security Assessment.  Does it consider this type of scenario, or other technology or cyber based threats?  Unfortunately, terrorists and criminal organizations now have capabilities that were previously only available to the most advanced organizations.  FSO/VSOs should work with your organization’s cyber professionals to consider and prepare for cyber-attacks, including combined physical/cyber-attacks. 

  • Build a strong security culture and remind all your personnel to be alert for suspicious activity.  An alert and well trained work force is your best defense.

 

The Department of Homeland Security, including the U.S. Coast Guard, use various means to notify the public about security concerns.  The Coast Guard uses MARSEC (maritime security) Levels to signify elevated threat conditions, and to require the increased security measures specified in Facility Security Plans and Vessel Security Plans.

While the Coast Guard’s MARSEC system is specific to the maritime industry, DHS’s National Terrorist Advisory System is intended for everyone, and does not carry specific requirements.  Recently, DHS revised NTAS to include three types of advisories: 

  • An NTAS “Bulletin” describes current developments or general trends regarding threats of terrorism.
  • An “Elevated Alert” warns of a credible threat against the United States that is general in both timing and potential location, and for which it is reasonable to adopt additional protective security measures.
  • An “Imminent Alert” is intended to warn of a credible, specific and impending terrorist threat or on-going attack.

The Coast Guard and the Department of Homeland Security coordinate closely on MARSEC and NTAS activity. 

While the thought process behind NTAS and MARSEC are very similar, an NTAS Alert will not necessarily lead to an increase in MARSEC Levels.  For example, one can imagine a credible threat scenario against a sector of our economy or area of our nation that does not include a significant maritime nexus, and therefore might not lead to a MARSEC increase.

At Seebald and Associates, we encourage our clients to be aware of both systems.  Be sure you understand your own MARSEC responsibilities and are prepared to implement them if and when required.  Also, even if the Coast Guard does not raise MARSEC, you may to decide to implement some or all of your MARSEC actions based on an NTAS alert, or any other information that you think suggests a threat to your activities and people. 

Raise your hand if you are fine with business coming to a screaming, and expensive halt for, say a month or two.  A cyber-attack can be the business equivalent of a deadly, metal-on-metal sound coming from under the hood of your car.  Sure you can get it fixed, but it won’t be quick, or cheap, or easy.  A ransomware attack on the City of Baltimore had just this effect.  

At Seebald & Associates, we can’t prevent all cyber-attacks, but we can help organizations recognize their risk and build resilience.  We address cyber security during training courses, audits, and security assessments. Our goals during these activities are as follows:

  • We help FSOs and others to recognize that many of the systems they use have cyber components – and therefore cyber vulnerabilities.  These systems could be anything from simple wi-fi enabled cameras and web-based employee alert systems to sophisticated cargo and industrial control systems.

  • During audits and assessments, we gauge the client’s overall approach to cyber security, addressing, in the most basic of terms, topics such as employee training, network access policies, IT/OT segregation, and the role of cyber security in MTSA regulated functions such access control and cargo systems.

  • We encourage cooperation between FSOs/VSOs and the organization’s dedicated cyber security professionals.  This cooperation should include suspicious activity reporting, risk assessment and mitigation activity, and response operations.  

  • We encourage cyber professionals to participate in information sharing organizations, and to take advantage of well recognized cyber security standards and resources, such as are published by NIST,SANS, and CISA.

Maritime organizations will increasingly require more technical assistance, and we are proud to refer them to Make A Difference with MAD Security.  MAD Security is a highly respected managed security services organization with close ties to S&A and experience working with port and waterways organizations, industrial and other private sector clients, as well as with the U.S. Coast Guard, the Department of Defense, NASA, and other government agencies.  They provide 24/7 network monitoring and intrusion detection and will ensure you become compliant with emerging Coast Guard/DHS requirements. So go ahead and get MAD.  With their cyber expertise, and S&A’s holistic approach to security, your vessel or facility can be well prepared and resilient when (not if!) cyber or other threats come your way.