Cyber Risk Management in the Maritime Transportation System

Systems Engineering Division (CG-ENG-3)

The Marine Transportation System (MTS) is facing increasing risk due to cyber-related vulnerabilities. Vessel and facility operators are increasingly dependent on computers and cyber dependent technologies for navigation, communications, engineering, safety, cargo handling and many other operational applications.  Collectively, these technologies enable the MTS to operate with an impressive record of reliability and at a capacity that drives the U.S. economy and supports national defense and homeland security.  However, exploitation, misuse, or failure of these cyber systems could disrupt vital trade activities, harm the environment, or even cause injuries and deaths. 


Reference documents:

IMO Approves Resolution on Maritime Cyber Risk Management. At the 98th session of the Maritime Safety Committee (MSC 98), the International Maritime Organization approved Resolution MSC.428(98) Maritime Cyber Risk Management in Safety Management Systems. The Coast Guard will continue to work with our industry partners to develop a clear and achievable path towards compliance and foster a resilient risk management approach towards cyber risks. You can submit your feedback to the Coast Guard via email to or call 202-372-1372.


IMO Approves Guidelines on Maritime Cyber Risk Management.  At the 96th session of the Maritime Safety Committee (MSC 96), the International Maritime Organization approved the Interim Guidelines on Maritime Cyber Risk Management, which have been published as circular MSC.1/Circ. 1526.  The intent is to review and implement the Guidelines and identify areas for improvement to be brought to the attention of MSC 97 (November 2016). You can submit your feedback to the Coast Guard via email to or call 202-372-1372

Executive Order 13636 — Improving Critical Infrastructure Cybersecurity.

Executive Order 13691 — Promoting Private Sector Cybersecurity Information Sharing.

Presidential Policy Directive (PPD-21) — Critical Infrastructure Security and Resilience.

National Infrastructure Protection Plan (NIPP 2013): Partnering for Critical Infrastructure Security and Resilience — Outlines how government and private sector participants in the critical infrastructure community work together to manage risks and achieve security and resilience outcomes.

National Institute of Standards and Technology (NIST) Framework — Framework for Improving Critical Infrastructure Cybersecurity.



Contact the Systems Engineering Division (CG-ENG-3):

Cyber Staff Engineer: LT Kevin Kuhn




Commandant (CG-ENG-3)
U.S. Coast Guard
2703 Martin Luther King Jr. Ave. SE STOP 7509
Washington, D.C. 20593-7509
Tel: +1 (202) 372-1367