The Coast Guard has published a Notice of Proposed Rulemaking in the Federal Register related to proposed updates to cybersecurity requirements for MTSA-regulated U.S. flagged vessels, Outer Continental Shelf facilities, and U.S. facilities.
The Coast Guard proposes to update its maritime security regulations by adding regulations specifically focused on establishing minimum cybersecurity requirements for U.S. flagged vessels, Outer Continental Shelf facilities, and U.S. facilities subject to the Maritime Transportation Security Act of 2002 regulations. This proposed rule would help to address current and emerging cybersecurity threats in the marine transportation system. We seek your comments on this proposed rule and whether we should: use and define the term reportable cyber incident to limit cyber incidents that trigger reporting requirements, use alternative methods of reporting such incidents, and amend the definition of hazardous condition.
The maritime industry is undergoing a significant transformation that involves increased use of cyber-connected systems. While these systems improve commercial vessel and port facility operations, they also bring a new set of challenges affecting design, operations, safety, security, training, and the workforce. This proposed rule would help to address current and emerging cybersecurity threats in the marine transportation system.
Individuals are encouraged to submit questions and comments to the Federal Register for consideration. Questions and Comments must be received no later than April 22, 2024.
For more information, see the NPRM on the Federal Register eRulemaking Portal at www.regulations.gov under Docket Number USCG–2022–0802.