On January 5, the White House issued a 36-page National Maritime Cybersecurity Plan that sets forth how the federal government will defend the nation’s economy via enhanced cybersecurity coordination, policies and practices, aimed at mitigating risks to the maritime industry – promoting prosperity through information and intelligence sharing, and preserving and increasing the nation’s cyber workforce.
In particular, the plan identifies government priority actions to close maritime cybersecurity gaps and vulnerabilities over the next five years.
National Security Advisor Robert O’Brien noted in a statement that the administration had set cybersecurity of the Maritime Transportation System (MTS) as a top priority for national defense, homeland security, and economic competitiveness in the 2017 National Security Strategy.”
“The MTS contributes to one quarter of all United States gross domestic product, or approximately $5.4 trillion [and] MTS operators are increasingly reliant on information technology and operational technology to maximize the reliability and efficiency of maritime commerce,” he added.
“This plan articulates how the United States government can buy down the potential catastrophic risks to our national security and economic prosperity created by technology innovations to strengthen maritime commerce efficiency and reliability,” O’Brien said.
Key parts of this National Maritime Cybersecurity Plan that may affect states include:
- The National Security Council staff, through the policy coordination process, will identify gaps in legal authorities and identify efficiencies to de-conflict roles and responsibilities for MTS cybersecurity standards.
- The federal government will design a framework for port cybersecurity assessments.
- The Department of Homeland Security, through the Coast Guard and in coordination with other applicable departments and agencies, will develop cybersecurity career paths, incentives, continuing education requirements, and retention incentives to build a competent maritime cyber workforce.
The plan follows in the wake of recent major maritime cybersecurity incidents. Since 2017, the four biggest global maritime shipping companies endured a series of cyberattacks, with the International Maritime Organization website suffering a hack in September 2020.