Proposed USCG Cyber Security Regulations: Industry Responses and Recommendations

The United States Coast Guard (USCG) is taking steps to enhance cybersecurity for US-flagged vessels, facilities on the Outer Continental Shelf, and US facilities subject to regulations under the Maritime Transportation Security Act of 2002. The USCG recently issued a Notice of Proposed Rulemaking (NPRM) to establish minimum cybersecurity requirements in response to the increasing use of cyber-connected systems in the maritime industry.

The NPRM has sparked a flurry of comments from industry stakeholders, with concerns ranging from the practicality of implementing cybersecurity measures on smaller vessels to the impact of ransomware attacks. Companies like Maersk Line and Liberty Global Logistics have weighed in on the proposed regulations, offering recommendations for clarity, efficiency, and alignment with existing industry best practices.

One of the key points of contention is the requirement for companies to report ransomware attacks, with some arguing that this could discourage companies from making ransom payments and ultimately increase the number of cyber incidents. The USCG will now review the comments received during the comment period before finalizing the new regulations.

To read the full NPRM and industry comments, visit the links provided. Stay tuned for updates on how the USCG plans to address cybersecurity challenges in the maritime industry.