The US Coast Guard's first-ever mandatory cybersecurity framework for ports, vessels, and offshore facilities has taken effect, ending two decades of voluntary compliance and putting operators on a countdown with a 2027 deadline. The regulations affect any US-flagged vessel or maritime facility subject to the Maritime Transportation Security Act of 2002 and require that they develop and maintain a cybersecurity plan, designate a Cybersecurity Officer (CySO), conduct annual assessments, and trai
uscg (6)
The United States Coast Guard (USCG) published its final rule to introduce cybersecurity requirements for US-flagged vessels, along with port/terminal facilities and outer continental shelf facilities.
The rule takes effect from 16 July 2025 and will commence a 24-month period to achieve full compliance with the standards required in the rule.[1]
Key points:
- It applies only to US-flagged vessels that must comply with 33 CFR Part 104, for example cargo ships greater than 100 gross tons.
- From 16
With supply chain attacks on the rise, and nation-state attackers constantly looking for new ways to disrupt national security and economic stability, one of the most vulnerable areas is the security around our maritime operations. The current US administration's recent Executive Order to fortify the cybersecurity of US ports underscores this concern, spotlighting the urgency of addressing vulnerabilities in a sector that drives over $5.4 trillion in economic activity annually. This initiative
In February 2019, a large container ship sailing for the Port of New York/New Jersey identified a cyber intrusion on board that startled the US Coast Guard. Though the malware attack never controlled the vessel’s movement, authorities concluded that weak defenses exposed critical functions to “significant vulnerabilities.”
A maritime disaster didn’t happen that day, but a warning flare rose over an emerging threat to global trade: cyber piracy able to penetrate on-board technology that’s replac
Area Maritime Security Committees 2020 Annual Report – Challenges, Suggestions, Accomplishments, and Best Practices. The Office of Port and Facility Compliance is pleased to announce the publication of a consolidated report[1] on the status and work completed in 2020 by Area Maritime Security Committees. Area Maritime Security Committees 2020 Annual ReportArea Maritime Security Committees 2020 Annual Report.[2]
Area Maritime Security Committees (AMSCs) provide a valuable forum to discuss and a
The current US administration is signaling it will be updating the US government’s approach to its maritime cybersecurity strategy. Cyber security priorities are being discussed to enhance and secure the US’ ability to ‘project power at sea and defend against adversarial cyberattacks.’ The plan involves a re-examination of the national approach to information sharing and better emphasizing the use of operational technologies in ports.
Hackers at all tier levels have long targeted shipping fir
