Facility Security Officer Academy & Symposium Blog 3
- Posted by Drew Tucci
Keeping it Fresh.
Nineteen new arrivals showed up on day two of the S&A FSO Course and Security Symposium. These were seasoned FSOs, here to learn and contribute at the FSO Refresher Course. Our FSO Refresher course helps FSOs and senior executives stay sharp.
Our new participants represented over 400 years of experience, and this is what makes the Refresher Course so valuable. While S&A instructors provided an overview of threats, emerging Coast Guard policies, and related issues, the students all had their own stories of security incidents, best practices, and other “nuggets of knowledge” that others could benefit from. In some cases, the students used Post-it notes to share some of their suggestions.
The students in Refresher courses tend to be rather vocal, and today’s class was no exception. While S&A Master Instructor Brian Kelly started with a planned agenda, the contribution from students often dominated the discussions. Emerging threats and technologies were a popular topic. One of the participants promised to share a video of a drone using a flame thrower, which we all look forward to seeing at a future course.
Of course the class is also discussing new requirements, including cyber security, a review of MTSA fundamentals, and trends in Coast Guard compliance actions. The networking lunch, which Ed Seebald so kindly provided, included yet more discussions on practical matters such as security camera vendors, and how effective the access control and credentialing solution, MAGNAR FortifiD, has been with existing customers.
Stay tuned, tomorrow the classes end and the Symposium begins with special guest speakers, Captain of the Port Panel, and more...
Facility Security Officer Academy & Symposium Blog 2
- Posted by John Bingaman
Afternoon, Day 1 in the heart of New Orleans French Quarter – During an energetic networking lunch, the diverse maritime industry participants engaged with and learned more about each other as well as getting to know their Seebald Associates. After which, the afternoon session kicked off with a video and discussion on high reliability security procedures that prevent and deter security incidents; an environment we all desire to promote and nurture!
The expert team of the Seebald Associates provided snippets of insight and experiences to enhance the training experience, while Joe Hester kept the learning lively and fun! Digging into domestic and international law, the Code of Federal Regulations and Coast Guard policies is a tough act after lunch, but there was not a sleepy eye in crowd due to the dynamic and interactive master-level teaching techniques used to convey the dry, but necessary knowledge an FSO must be trained in. Well, honestly, a “cup of joe” also helped keep the 70 eye lids open!
By the way, the beignets were consumed in short order! Blogging from the heart of the French Quarter… ‘Restez en Scurit!’ – Stay Safe and Secure!
Facility Security Officer Academy & Symposium Blog 1
- Posted by Drew Tucci
The Seebald & Associates Facility Security Officer (FSO) Course and Security Symposium kicked off this morning in New Orleans with the largest class to date. After coffee and beignets, 35 students settled in to begin their FSO course, led by S&A Instructor Joe Hester. The students included several active duty Coast Guard personnel as well as people from various segments from the port facility industry, including petrochemical manufacturing, energy, passenger facilities, and dry cargo. The students represent many years of experience in addressing facility risks, and Joe encouraged them to mix, mingle, and share their perspectives during the class.
Our fearless leader, Ed Seebald, provided opening remarks. For those of you who know Ed, you won’t be surprised to hear that Ed told some “sea stories” and was both the source and the target of some good-natured kidding. Ed also gave the group a little of his own background, which I’ll add to: Ed and his brother founded S&A shortly after 9-11. His devotion to helping companies develop meaningful security programs is borne from a sense of patriotism that all of us at S&A share.
When Ed (finally) yielded the stage, Joe Hester began the course in earnest, introducing an alphabet soup of terms like MTSA, SOLAS, ISPS, CFR, and SSI. The class took a pre-test to evaluate everyone’s comfort level with these terms and other fundamentals.
Typically these pre-tests score only about 50%, but this is only day one. We know from years of experience that by the end of the class the students will be well equipped to lead and manage their security responsibilities. And if they have developed a taste for beignets and coffee, it isn’t our fault.
TWIC Delays - TSA Guidance
- Posted by Drew Tucci
Recently one of our clients notified us of problems they were having getting timely TWIC renewals for their workforce. We reached out to Captain Brad Clare, the U.S. Coast Guard MTSA program director for port facilities at Coast Guard Headquarters, who in turn reached out to his TSA counterpart to determine the extent of the issue.
The root of the problem is a substantial increase in applicants which is overwhelming enrollment centers. TSA provided the following report:
TSA is experiencing a surge in enrollments across all vetted populations in the National Transportation System to include aviation, maritime and surface populations. Beginning December 2020, TWIC® enrollments exceeded forecasts on a monthly basis. In March 2021, TSA recorded the highest single monthly enrollment total since 2017. TSA is prioritizing adjudication resources to adjudicate cases in a timely manner.
TSA encourages all applicants to enroll or renew at least 60 days before they require a TSA security threat assessment. While most applicants (~55 percent) are approved within 48 hours, the processing of certain applications requires review by a TSA adjudicator, and these cases are averaging 30 days for eligible applicants to receive a TWIC®. Applicants should use the Check My Service Status capability on Universal Enroll to check their status.
So this is a great time to remind your workforce to check their TWIC status and apply early if their TWIC is soon to expire.
Captain Clare also offered that the Coast Guard has issued several COVID related TWIC policies that provide some flexibility, and that facilities that find themselves in a bind should work with their local Captain of the Port. Seebald & Associates can help facilitate any such communication.
Approaching deadlines for Cyber Security in your FSA/FSP
- Posted by Edward Seebald
Marine Transportation System (MTS) cyber spotlight
Posted By: CWO Kurt Fredrickson on May 9, 2021
Editors note: This is the first in a series of articles addressing cyber risk management and cybersecurity within the Marine Transportation System (MTS). The maritime community is facing daily threats to their information and operational technology systems, whether through malicious actors, antiquated systems, or lack of emphasis on securing the cyber landscape. Cyber threats are constantly evolving, and it is crucial that our stakeholders have the guidance, resources, and awareness to mitigate these risks.
From the desk of Captain Bradley Clare
Office Chief for the Office of Port and Facility Compliance (CG-FAC)
CG-FAC is proud to present the first of these articles, providing a summary of Navigation and Vessel Inspection Circular (NVIC) No. 01-20: Guidelines for Addressing Cyber at MTSA Regulated Facilities and reminder of upcoming due dates. CG-FAC will be collaborating with cyber-focused personnel in the field, along with Headquarters program offices, to provide more information in the months ahead.
Approaching deadlines for incorporating cyber into Facility Security Assessments (FSA) and Facility Security Plans (FSP)
As evidenced by news of cyber incidents affecting critical infrastructure and the maritime environment, we are reminded that cyber threats to, and vulnerabilities of the MTS are constantly evolving. With a clear need to mitigate these risks, the Coast Guard is reminding MTS stakeholders, but specifically those facilities regulated under the Maritime Transportation Security Act of 2002 (MTSA), that the timeframe for incorporating cyber into FSAs and FSPs is rapidly approaching.
Navigation and Vessel Inspection Circular (NVIC) No. 01-20: Guidelines for Addressing Cyber at MTSA Regulated Facilities was issued in March of 2020. This NVIC provides guidance to facility owners and operators on complying with requirements to assess, document, and address computer system and network vulnerabilities. In accordance with 33 CFR parts 105 and 106, which implement MTSA, regulated facilities (including Outer Continental Shelf facilities) are required to assess and document vulnerabilities associated with their computer systems and networks in a FSA and FSP.
In announcing this guidance, the Coast Guard understood that facilities would require time to properly assess their cyber risks and vulnerabilities and establish a plan for documenting those as part of their FSAs and FSPs. The Coast Guard advised that facilities shall provide that cyber documentation, whether as an annex, addendum, enclosure, or other form as appropriate, to their local Captain of the Port (COTP) at the time of their annual audit date, beginning October 1st, 2021. COTPs will still have the flexibility, based on resource demands or upon discussion with facility personnel, to adjust when submissions are received, as along as all facility FSA and FSP (Headquarters for ASPs) submissions are received by the end of a one year period, no later than October 1st, 2022.
We continue to stress the importance of engaging early and often with respective COTPs to ensure alignment of expectations for achieving compliance. The Coast Guard is continually reviewing and updating guidance to both industry and CG field personnel, including Frequently Asked Questions and Cyber Security Job Aids, for added awareness.