Coast Guard Maritime Cybersecurity Resource Center

This website is a collaborative effort between the USCG, CISA, and MARAD to ensure current maritime cyber threat information is available to the public and industry stakeholders.

 

 

The Coast Guard Maritime Industry Cybersecurity Resource website is a single-source hub for Marine Transportation System related cybersecurity resources. This site provides current information related to reporting cyber incidents, relevant policy and guidance, cyber related bulletins and alerts, and links to other useful sources.

 

Report a Cyber Incident

When to report a cyber incident.

On February 21, 2024, the Executive Order on Amending Regulations Relating to the Safeguarding of Vessels, Harbors, Ports, and Waterfront Facilities of the United States amended 33 CFR Part 6. Among other provisions, it added a definition for “cyber incident” and created a requirement to report evidence of an actual or threatened cyber incident involving or endangering any vessel, harbor, port, or waterfront facility to the Coast Guard, the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA). The broad applicability of 33 CFR Part 6 and the new definition of a cyber incident created an overlap with existing MTSA reporting requirements. NVIC 02-24 provides clarification on the reporting requirements identified in 33 CFR Part 101 and 33 CFR Part 6.

  • NVIC 02-24 - REPORTING BREACHES OF SECURITY, SUSPICIOUS ACTIVITY, TRANSPORTATION SECURITY INCIDENTS, AND CYBER INCIDENTS
  • Executive Order - Executive Order on Amending Regulations Relating to the Safeguarding of Vessels, Harbors, Ports, and Waterfront Facilities of the United States.
  • National Response Center - All incidents required to be reported based on the above guidance should be reported to the National Response Center by calling 1-800-424-8802

Have a question? Here is a list of your CG Cyber Contacts.

Facility Resources

Waterways & Navigation Resources

  • USCG Homeport  - Homeport is the United States Coast Guard's enterprise internet portal for the Maritime Community. It was initially designed to support the secure information sharing requirements resulting from the Maritime Transportation Security Act of 2002 (MTSA) and to provide information about the USCG's primary missions.
  • USCG Navigation Center - The Navigation Center is the Coast Guard's center of excellence for systems and policy related to electronic positioning, navigation, and timing. This includes radio navigation, electronic charting, and vessel identification and tracking.
  • USCG Office of Bridge Programs - Administers the various bridge statutes, environmental laws of the United States, pertinent regulations and policies in a timely, courteous, responsive and professional manner. This mission will contribute to the development of a safer, more efficient and convenient marine and land transportation system that will effectively utilize and conserve the nation's resources in a cost efficient manner, while providing for the well-being, general safety, security, and interests of the citizens of the United States.

Have a question? Here is a list of your CG Cyber Contacts.

Cybersecurity and Infrastructure Security Agency (CISA) Links

  • CISA Cybersecurity Advisory - People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection.
  • CISA Cybersecurity Performance Goals - CISA's Cybersecurity Performance Goals are a prioritized subset of information technology (IT) and operational technology (OT) cybersecurity practices that critical infrastructure owners and operators can implement to meaningfully reduce the likelihood and impact of known risks and adversary techniques.
  • CISA Cyber Incident Reporting - CISA's reporting home page gives the resources to report an incident, vulnerabilities, phishing attempts, and find general reporting information.
  • DHS/CISA CyberSentry program - The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has developed the voluntary CyberSentry program to enhance the cyber resilience of organizations that own or operate critical infrastructure. CyberSentry uses sensors to monitor the Information Technology and Operational Technology networks of a participating Critical Infrastructure (CI) partner for cybersecurity threats.
  • CISA Industrial Control Systems Security Offerings - CISA works with their partners to defend against today's threats and collaborating with industry to build more secure and resilient infrastructure for the future. To support the industrial control system (ICS) community's cyber risk management efforts, CISA offers a wide range of products, services, and capabilities. This fact sheet provides information a few of the tools CISA offers, including The Cyber Security Evalution Tool, The Control Environment Laboratory Resource, CyberSentry, and Malcolm.
  • CISA's Known Exploited Vulnerabilities Catalog - CISA's  Common Vulnerabilities and Exposures (CVEs) catalog. The CVE Program is sponsored by CISA and operated by The MITRE Corporation. The program identifies, defines, and catalogs publicly disclosed cybersecurity vulnerabilities. 
  • CISA's Detection and Prevention of Cyber Attacks - CISA detection and prevention programs rapidly notifies relevant critical infrastructure stakeholders of elevated risk exposure, conducts incident management operations, provides vulnerability assessments, and directly deploys risk management information, tools, and technical services to mitigate risk, including regulatory enforcement where authorized.
  • CISA SHIELDS UP - This program provides guidance for all organizations, regardless of size, to help adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.
  • General Cybersecurity Resources - CISA provides cybersecurity resources to organizations ranging from the Federal Government, State/Territorial/Tribal/Local Government, Academia, and small business. 
  • CISA Central - CISA Central is CISA’s hub for staying on top of threats and emerging risks to our nation’s critical infrastructure, whether they’re of cyber, communications or physical origin.
  • Information Sharing and Awareness - Information sharing is essential to protecting critical infrastructure and to furthering cybersecurity for the nation. CISA has provided a list of information sharing and awareness resources.
  • Remote Monitoring and Management Cyber Defense Plan - This plan addresses systemic risks facing the exploitation of RMM software. Cyber threat actors can gain footholds via RMM software into managed service providers (MSPs) or manage security service providers (MSSPs) servers and, by extension, can cause cascading impacts for the small and medium-sized organizations that are MSP/MSSP customers.

Vessel Resources

What Can CGCYBER Do For You?

  • The Maritime Cyber Readiness Branch (MCRB) - a cross functional team of maritime operations and cybersecurity professionals that supports maritime cyber incident response activities and facilitates cyber threat information sharing. They also provide subject matter expertise within the coast guard and for industry partners.
  • CG Cyber Protection Team - the Coast Guard’s deployable unit responsible for offering cybersecurity services to the Marine Transportation System (MTS). The Cyber Protection Team (CPT) consists of three teams of active duty Coast Guard cybersecurity professionals who are trained and certified in delivering the four core CPT services: Assess, Hunt, Clear and Harden

Have a question? Here is a list of your CG Cyber Contacts.

Cybersecurity Resources

Information Sharing And Analysis Centers (ISACs)

  • MTS-ISAC - Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC) promotes and facilitates maritime cybersecurity information sharing, awareness, training, and collaboration efforts between private and public sector stakeholders.
  • IT-ISAC - Information Technology Information Sharing And Analysis Center is an organization who aims to use a collaborative effort to minimize threats, manage risk, and respond to cyber incidents.
  • MS-ISAC - Multi-State Information Sharing and Analysis Center (MS-ISAC) is an organization whose mission is to improve the overall cybersecurity posture of U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through coordination, collaboration, cooperation, and increased communication.
  • ONG-ISAC - Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC) serves as a central point of coordination and communication to aid in the protection of exploration and production, transportation, refining, and delivery systems of the ONG industry, through the analysis and sharing of trusted and timely cyber threat information.

Area Maritime Security Committee (AMSC)

Area Maritime Security Committees were created to provide a link for contingency planning, development, review, and update of Area Maritime Security Plans, and to enhance communication between port stakeholders within federal, state, and local agencies, and industry to address maritime security issues.

Additional Resources

  • NIST - Cybersecurity Framework - The National Institute of Science and Technology framework for Improving Critical Infrastructure Cybersecurity
  • FBI - Industry and Government Partnership - The FBI’s cyber mission is to impose risk and consequences on cyber adversaries through their unique authorities and world-class investigative capabilities.
  • FBI - IC3 - Internet Crime Complaint Center (IC3) is the FBI's hub for collecting reports related to cyber crime.
  • International Maritime Organization (IMO) - IMO Guidance on maritime cyber risk.
  • HSI Cyber Crime Center - Homeland Security Investigations (HSI) Cyber Crimes Center (C3) supports HSI's mission through the programmatic oversight and coordination of investigations of cyber-related criminal activity, and provides a range of forensic, intelligence and investigative support services across the HSI programmatic areas.
  • Maritime Administration - Office of Maritime Security - Maritime Cyber Security represents another area of focus for the Maritime Administration (MARAD). The Office of Maritime Security works with the Department of Homeland Security (DHS) and others to share cyber security resources and best practices with the U.S. maritime industry and shares maritime industry’s cyber security concerns with appropriate government agencies.

If you have any questions or suggestions on content you would like to see hosted on this webpage, please send an email to MaritimeCRC@uscg.mil.

The information contained on this page is provided “as is” for informational purposes only. The U.S. Coast Guard (USCG) does not provide any warranties of any kind regarding any information contained on the page or associated links. USCG does not endorse any commercial product or service referenced on this page, associated links, or otherwise related to USCG information.

The unauthorized use of any Federal agency’s seal is governed by the U.S. Code title 18 sections 506, 701, 709 and 1017. U.S. Code title 14 section 934 prohibits individuals, corporations, and other businesses from using the words "Coast Guard" or "United States Coast Guard" for trade or business purposes.