Schedule your free consultation today
Maritime Cyber Security Solutions
Port Security - Houston Port Authority
Partnering with Top Companies to Ensure your data remains private and secure
Requirements for Maritime Transportation Security Act
Due to an increase of cyberthreats and vulnerabilities in the Marine Transportation System, the Coast Guard published Navigation and Vessel Inspection Circular (NVIC) 01-20, Guidelines for Addressing Cyber Risks at MSTA Regulated Facilities in March 2020.
NVIC 01-20 provides guidance on assessing cyber risks when conducting required Facility Security Assessments (FSA) and incorporating cybersecurity within Facility Security Plans (FSP).
Requirement Resources continued
The Coast Guard established an 18-month implementation period which allowed MTSA-regulated facility owners or operators time to incorporate cybersecurity into their FSAs and FSPs.
- Beginning on Oct. 1, 2021, facility owners and operators who have not already done so should submit FSP cyber amendments or annexes to their local Captain of the Port (COTP) as part of the facility’s annual audit. COTPs will verify that facilities have addressed cybersecurity within the FSA and FSP cyber amendments/annexes. COTPs retain discretion on whether the requirements have been met, and on any potential extension of submission dates.
Additional Requirement Resources
GUIDELINES ON MARITIME CYBER RISK MANAGEMENT
These Guidelines provide high-level recommendations for maritime cyber risk management.
MARITIME CYBER RISK MANAGEMENT IN SAFETY MANAGEMENT SYSTEMS
Maritime Resolution adopted on 16 July 2017
How can we help!
At CSS there is more to ensuring the security of your most important information, we ensure your privacy. Listed below are a few examples of our methodologies and capabilities.
Work with The
Department of Defense
Experience with IT
and OT networks
Holistic Security &
(Cloud to Edge)
Frequently Asked Questions
I need to update my FSA and FSP to address computer systems and networks. What is the deadline for doing that?
The Coast Guard is allowing a 1.5 year long implementation period of the cybersecurity requirement, ending on 09/30/2021. This initial implementation period will allow MTSA-regulated facility owners/operators time to address cybersecurity vulnerabilities in their FSA and FSP or ASP by incorporating this guidance, or an alternative as best fits their needs. Facility owners and operators who already address cybersecurity in their FSAs and FSPs or ASPs should continue doing so, while considering whether the guidance in NVIC 01-20 can improve their ongoing practices.
Once this implementation period is over (beginning 10/01/2021), facilities should submit cybersecurity FSA and FSP/ASP amendments or annexes by the facility’s annual audit date, which is based on the facility’s FSP/ASP approval date. Captains of the Port (COTPs) will still have the flexibility based on resource demands, or based upon request from a facility, to adjust when submissions are received, as long as all facility FSA and FSP submissions are received by the end of the one year period, no later than 10/01/2022. The same flexibility is available to facilities using ASPs, except they should communicate with Coast Guard Headquarters rather than a COTP.