In case you missed last week’s blog because you were being a patriot and enjoying the 4th of July holiday, here is a recap and what additional information that needs to be in the amendment.  With the TWIC Reader Final Rule going into effect on August 23, 2018, means Risk Group A facilities that are expected to comply and submit an amendment by July 24, 2018 are:

  • CDC Facilities – facilities that receive vessels and engage in vessel to facility interface that involves the transfer of CDCs, in bulk, to or from the vessel they receive
  • Facilities that receive vessels certificated to carry more than 1,000 passengers

TWIC Reader amendment – What needs to be in the amendment?  It is not as simple as stating that we are in compliance with the TWIC Reader Final Rule because we bought TWIC readers.

You need to first review all the additional 33 CFR 105 requirements for TWIC Reader Final Rule.  In short, it explains in detail what electronic TWIC inspection requirements are (card authentication, card validity check, & identity verification), Cancelled Card List (CCL) frequency updates, facility recordkeeping requirements, Physical Access Control System (PACS) requirements, and what is required content for outlining your TWIC program.

If your facility is using or plans to use a TWIC reader on the Transportation Security Administration’s Qualified Technology List (QTL), then your amendment process just got a little easier because these readers meet the electronic TWIC inspection requirements.  You are still required to document in your amendment CCL updates, recordkeeping and the security measures for access control using your TWIC readers.

With that said, those facilities using a PACS must outline in your amendment that an electronic TWIC inspection is being completed along with all the other security measure requirements that are being changed with the enhancement of the PACS.  Since a lot of these requirements are all done electronically, how do you show the Coast Guard during a compliance inspection you meet all the requirements?  You need to work closely with your information technology department to figure this out and remember this data is Sensitive Security Information (SSI) and must be protected in accordance with 49 CFR 1520.

Again, please do not hesitate to contact us if you have any questions or need assistance in becoming compliant with the TWIC Reader Final Rule.

With the TWIC Reader Rule enforcement right around the corner, this month’s blogs will focus on the 30-30-60 rule:

  • 30 days - An amendment to a facility security plan (FSP) must be submitted to the Coast Guard at least 30 days prior to the change in your FSP going into effect – 33 CFR 105.415
  • 30 days – If the audit results require an amendment to your FSA or FSP, the amendments must be submitted no later than 30 days after the completion of the audit and a letter certifying that the amended FSP meets the applicable requirements of this part – 33 CFR 105.415
  • 60 days – A 5 year FSP rewrite needs to be submitted at least 60 days prior to the FSP’s 5 year anniversary date – 33 CFR 105.410

Submit Your Electronic TWIC Reader FSP Amendment 30 Days in Advance

30 days – Remember that we have to submit an amendment to our plan at least 30 days prior to that change in our FSP going into effect.  With the TWIC Reader Final Rule going into effect on August 23, 2018, means Risk Group A facilities that are expected to comply and submit an amendment by July 24, 2018 are:

  • CDC Facilities – facilities that receive vessels and engage in vessel to facility interface that involves the transfer of CDCs, in bulk, to or from the vessel they receive
  • Facilities that receive vessels certificated to carry more than 1,000 passengers

July 24, 2018 is little more than three weeks away, so if you are a Risk Group A facility to which the TWIC Reader Final Rule applies - Where are you in preparing your facility to be compliant with the TWIC Reader Final Rule and the amendment process?

If you need assistance or have any questions, please do not hesitate to contact Seebald & Associates. 

At our 2018 FSO Symposium in New Orleans this month, a representative from Coast Guard Headquarters confirmed that a draft Navigation and Vessel Inspection Circular (NVIC) for Cybersecurity is in the works.  Per the Coast Guard, a NVIC "provides detailed guidance about the enforcement or compliance with certain Federal marine safety regulations and Coast Guard marine safety programs.  While NVIC's are non-directive…they are important ‘tools’ for complying with the law."  While an exact timeline for Coast Guard and DHS approval is unclear, 8-12 months was suggested.

To prepare you for the forthcoming NVIC, we have worked with our cybersecurity partners, MAD Security, to offer a very affordable Cyber Security 360 Health Check that provides a running head start.  Many companies will push for services that are tens of thousands of dollars right off the bat. What most organizations really need is what the 360 Health Check includes: an external network vulnerability assessment/scan and an assessment of defense strategy and technology.  The deliverable includes an overall rating, as well as ratings in subcategories along with specific recommendations for how to resolve gaps.  More information can be found here:

For the months of June and July, we are offering this cybersecurity assessment for the price of $5,988.  This is the perfect first step for you to have true cybersecurity experts assess your readiness and provide guidance and prioritization for a fraction of the cost that most cybersecurity experts would charge.  To take advantage of this opportunity, please email Cliff Neve at This email address is being protected from spambots. You need JavaScript enabled to view it. or call him at (540) 809 8549.

Day three began with a presentation from Rear Admiral Thomas Atkin, USCG (ret.) and Commander John Lovejoy, Executive Officer at USCG Marine Safety Officer Port Arthur.  Admiral Atkin and Commander Lovejoy spoke about natural disaster response and security. A focus of their presentation was recognizing lessons learned from previous natural disasters and putting these lessons into action. They commented on ensuring your team and their needs are addressed when thinking about facility security.  They answered a variety of questions, which equipped the attendees with tangible examples of lessons learned from previous natural disasters.

Captain Brian Kelley, USCG (ret.), Seebald Chief Operating Officer, presented “The Good, The Bad and The Ugly” -- observations from the multiple facility audits, assessments and development of FSPs conducted by Seebald and Associates. Although, a serious subject matter the presentation provided some humorous examples of “the Ugly.”

The feedback attendees have provided to our team has been very positive, informative and valuable. The Seebald Symposiums afford maritime security professionals an opportunity to meet and hear from other industry professionals and USCG officials. The opportunities found at the Seebald Symposiums cannot be replicated in any other venue!

We look forward to meeting you at a future Seebald training or a Seebald Symposium. Please don’t hesitate to reach out to me or one of my team for any of your facility security needs.

The second day of the Seebald and Associates Symposium began with a recap of day one in remarks from Edward Seebald, the founder and CEO of Seebald and Associates.

Day two began with a presentation from LCDR Yamaris Barril, USCG Office of Port and Facility Compliance, providing the latest in policy and regulatory changes regarding Transportation Workers Identification Credential (TWIC). Additionally, LCDR Barril spoke about the cyber security NVIC that will affect your regulated facility and your FSPs. Her presentation highlighted the USCG’s cyber strategy including the three priorities of defending cyberspace, enabling operations and protecting operations. She also shared the top five MTSA enforcement activities for 2017:

              - Security measures for access control.

              - Security measures for restricted areas.

              - Facility Security Plans (FSP) – amendments and audits.

              - Drill and Exercise requirements.

              - Owner and Operator requirements.

LCDR Barill answered an array of questions, which equipped the attendees with the latest updates for these important topics.

Special Agent Natalie Phelan and Special Agent Clinton J. Morano represented the FBI here at the Seebald Symposium. SA Phelan discussed active shooter incidents. She spoke about signs to look for to help prevent potential situations, how to protect yourself and respond to these incidents. SA Morano spoke about the FBI’s role in counterterrorism and its maritime security mission.

Integritas Security Service Managing Director, Eric Linden, discussed the use of canines in the maritime security arena. Eric demonstrated the amazing capabilities of his canine teams and the many ways they are used in facility security.

The afternoon panel presented the very timely subject, cyber security threats in the maritime environment. The panel consisted of Cliff Neve, MAD Security, Commander H. “Lars” McCarter, USCG Cyber Command, Matt Ramey, FBI, and Nick Andersen, former Navy/USCG Intelligence CIO.  The panelists provided insights on cyber protection measures, and what FSOs must do to enhance their facility’s cyber security posture.

The day ended with a keynote speech by Captain Thomas Kaminski, Chief of Prevention for the US Coast Guard District 8.  Captain Kaminski spoke about the connection the USCG has to industry. He shared the issues discovered in Eighth Coast Guard District (e.g., inaccurate FSPs, poor badging protocols, vague/optional FSP language (i.e., use of “may” vs. “shall”), and poor Facility Security Assessments). Captain Kaminski answered several questions from the attendees covering a variety of pertinent topics.