Posted by Richard Sundland

July 5, 2022

Further Delay to the TWIC Reader Rule

Below is the excerpt from the Office of Information and Regulatory Affairs outlining the Coast Guard’s intentions with a further delay for the TWIC reader rule to May 8, 2026.

On August 23, 2016, the Coast Guard issued a final rule, requiring owners and operators of certain vessels and facilities regulated by the Coast Guard to conduct electronic inspections of Transportation Worker Identification Credentials (TWICs) as an access control measure (81 FR 57651).  On March 9, 2020, Coast Guard published a final rule, delaying the effective date of the 2016 TWIC reader rule for three categories of facilities (85 FR 13493).  This rulemaking would further delay portions of the August 2016 final rule.  The Coast Guard would delay the effective date for the three categories of facilities by at least an additional 3 years (until May 8, 2026) or later depending on the outcome of the Homeland Security Operational Analysis Center (HSOAC) study and consideration of public comments.  The study is estimated to be completed no earlier than June 2022.

The three facility categories that would be delayed are:

1. Facilities that handle certain dangerous cargoes in bulk, but do not transfer those cargoes to or from a vessel
2. Facilities that handle certain dangerous cargoes in bulk, and do transfer those cargoes to or from a vessel
3. Facilities that receive vessels carrying certain dangerous cargoes in bulk, but do not, during that vessel to facility interface, transfer those bulk cargoes to or from said vessels

You can read the entire rule intentions at:  View Rule (reginfo.gov)

Posted by Edward Seebald

April 18, 2022

Posted by Edward Seebald

April 12, 2022

Posted by Drew Tucci

February 16, 2022

Cyber Threat

In the past month, the Cybersecurity and Infrastructure Security Agency (CISA) has published a series of alerts and advisories related to cyber threats to U.S. critical infrastructure from Russian state sponsored cyber operations.  In some cases, these advisories have been jointly released by CISA, the Federal Bureau of Investigation, and the National Security Agency.  Coast Guard Captains of the Port and Area Maritime Security Committees have also distributed these advisories to port partners.

We are continuing that process to be sure that all Seebald & Associates clients are aware of the threat, and the actions you can take to improve your preparedness.

I also want to be sure that everyone understands why conflicts thousands of miles from our borders could be a threat to your operations and security.

First, State sponsored cyber attackers may target U.S. infrastructure in retaliation for any actions the U.S. takes as part of this conflict.

Second, the nature of malware is that it moves quickly from targeted to non-targeted systems, with no need for additional human direction.  From the attacker’s perspective, the harm to third parties is simply a bonus.

Third, recognize that cyber disruptions to your systems, whatever their origin, may increase your vulnerability to cyber and non-cyber-attacks.  This could be due to degraded security systems, such as cameras and sensors, or simply because leadership and front line personnel alike are focused on other areas. 

Some of the most relevant advisories on this topic include

Russia Threat Advisory, https://www.cisa.gov/uscert/russia

Understanding Russian Threats, https://www.cisa.gov/uscert/ncas/alerts/aa22-011a

“Shields Up”, https://www.cisa.gov/shields-up

CISA/FBI/NSA Joint Advisory, https://www.cisa.gov/uscert/ncas/current-activity/2022/01/11/cisa-fbi-and-nsa-release-cybersecurity-advisory-russian-cyber

Current Activity:  https://www.cisa.gov/uscert/ncas/current-activity

So take the time now to discuss security with your physical and cyber security personnel alike.  Ensure your cybersecurity personnel are fully aware of the risk and have taken action appropriate to your network.  Ensure physical security personnel are also aware and alert for suspicious activity and other security concerns.

As always, please contact Seebald & Associates for all your security needs. 

Posted by John Felker

November 30, 2021

Ransomware and Your Cybersecurity – Preparing for the Worst while Expecting the Best

The new Coast Guard requirement to include cyber in your FSP highlights that the threat of cyber intrusion into your networks, both information technology (IT) and operational technology (OT), is ever present and growing. Here is a very recent example of a cyber incident in the maritime sector that highlights the increasing trend of ransomware being used by criminal elements.

Ransomware Attack on Swire Pacific Offshore Breaches Personnel Data (maritime-executive.com)

Not only are networks being “locked up” by ransomware actors, but data theft is occurring with more regularity in these intrusions…

“…it is believed that they were successful in taking data from Swire Pacific Offshore’s personnel files ranging from passports, payroll, banking information, and email addresses.”

This element of cyber nastiness continues to grow across all critical infrastructure sectors. With the increasing demand on the maritime sector to move commerce safely and securely, these cyber incidents have the potential to be catastrophic – remember NotPetya and its impact on Maersk, FedEx/TNT and others as just one example!

In our experience we see many clients that are trying to do the right things by thoughtfully including cyber into their FSPs, and also carrying out recommend best practices within their companies, such as

• Forming partnerships and creating regular interaction between the FSO and the IT & OT staffs as appropriate;
• Educating leadership about how cyber fits into the overall security planning process - especially in conjunction with physical security; and
• Working with all parts of their organization to educate employees and raise awareness not only about the threats, but about their responsibilities to be attentive, use caution and effectively be part of the solution rather than part of the problem.

Are you following these best practices? Do you need help thinking through how to best include cyber into your plans? These best practices, and more, are integrated into the S&A FSO curriculum – we have been working hard on getting this thinking integrated into maritime security for several years. All S&A qualified FSOs bring this thinking to the table when building, reviewing, and implementing your MTSA-compliant security program.

Remember, S&A is your critical best friend when we conduct your audit or carry out your assessment and update of your FSP. We are going to absolutely stress the importance of cyber being INTEGRATED in your plan with all the other elements of good security practice!