Mission

The Maritime Cyber Readiness Branch (MCRB) is a component of CG Cyber that supports the cybersecurity mission in the commercial maritime transportation community. To support this mission, MCRB:

  • Works alongside CG-791 and CG-5P to develop, maintain and update strategic planning and cyber policy.
  • Uses a risked-based approach to assess threats, vulnerabilities and impact of loss to the Maritime Transportation System (MTS) to coordinate determination of the most critical data and systems.
  • Sustain strong partnerships with key MTS stakeholders to develop insight into future MTS threat vectors, and opportunities.
  • Oversee cybersecurity support to MTS operations through threat assessments, cyber infrastructure posture improvements, info sharing, and cyber domain incident awareness.
     

Cyber Protection Team

Based in Alexandria, Virginia, CPT is the Coast Guard’s deployable unit responsible for offering cybersecurity services to the Marine Transportation System (MTS).

CPT consists of three teams of active duty Coast Guard cybersecurity professionals who are trained and certified in delivering the four core CPT services: Assess, Hunt, Clear and Harden.

Role in the Marine Transportation System

A critical component of the national supply chain, the MTS is increasingly reliant on computer networks and systems for efficiency and safety.

The CPT ’s mission is to enhance the resiliency of MTS Critical Infrastructure against cyber disruption through consistent proactive engagements with public and private industry organizations. The CPT stands ready for worldwide deployment to conduct operations.

Get Started

To discuss service details and what the CPT can do for your organization, contact the CPT at MaritimeCyber@uscg.mil. Service delivery queues will be continually prioritized based on the time, nature and criticality of the request. The prioritization process prevents a disproportionate amount of resources for any specific stakeholder(s) and ensures that any data associated or lessons learned from the service provided is representative of the sector and nation.

Contact

Contact the Maritime Cyber Readiness Branch:

maritimecyber@uscg.mil

If your facility, vessel, or other maritime platform has been the victim of a cyber-attack that has resulted in a Breach of Security or a Transportation Related Security Incident, please contact the National Response Center at 1(800)424-8802. If the incident has not resulted in a pollution incident, you may also or alternatively contact the National Cybersecurity and Communications Integration Center (NCCIC) at 1(888)-282-0870

To visit the Coast Guard Cyber Command site, click here.

What’s new at the MCRB

 

Marine Safety Information Bulletins, Maritime Cyber Alerts, and Stakeholder Resources

 

NEW Maritime Cyber Alert 01-22 TLP WHITE

Maritime Cyber Alert 04-21 TLP WHITE

Maritime Cyber Alert 02-21 TLP WHITE

To request access to TLP Green Maritime Cyber Alerts, submit your request to the Maritime Cyber Readiness Branch at maritimecyber@uscg.mil

For access to previous CISA alerts please click here.

For access to previous Maritime Commons articles regarding Cyber Awareness and Risk Management, please click here.

Cyber Policies and Resources

Presidential Policy Directive 41

This Presidential Policy Directive (PPD) sets forth principles governing the Federal Government’s response to any cyber incident, whether involving government or private sector entities. For significant cyber incidents, this PPD also establishes lead Federal agencies and an architecture for coordinating the broader Federal Government response. This PPD also requires the Departments of Justice and Homeland Security to maintain updated contact information for public use to assist entities affected by cyber incidents in reporting those incidents to the proper authorities.

National Cyber Incident Response Plan

The NCIRP builds upon these lines of effort to illustrate a national commitment to strengthening the security and resilience of networked technologies and infrastructure. This Plan outlines the structure and content from which stakeholders can leverage to inform their development of agency-, sector-, and organization-specific operational response plans. Correspondingly, this Plan should be understood to be a living document, to be updated as needed to incorporate lessons-learned, to reflect opportunities and challenges that arise as technology evolves, and to ensure the Plan adequately addresses a changing threat/hazard environment.

Coast Guard Cyber Strategy

The Coast Guard is committed to ensuring the safety, security, and stewardship of our Nation’s waters. This commitment requires a comprehensive cyber strategy that provides a clear framework for our overall mission success.

 

CG-5P Policy Letter 08-16 Reporting Suspicious Activity and BoS

CG-5P Policy Letter 08-16: Reporting Suspicious Activity and Breaches of Security outlines the criteria, and process for suspicious activity (SA) and breach of security (BoS) identification and reporting.

 

NVIC 01-20

This Navigation and Vessel Inspection Circular (NVIC) provides guidance to facility owners and operators in complying with the requirements to assess, document, and address computer system or network vulnerabilities. In accordance with 33 CFR parts 105 and 106, which implement the Maritime Transportation Security Act (MTSA) of 2002 as codified in 46 U.S.C. Chapter 701, regulated facilities (including Outer Continental Shelf facilities) are required to assess and document vulnerabilities associated with their computer systems and networks in a Facility Security Assessment (FSA). If vulnerabilities are identified, the applicable sections of the Facility Security Plan (FSP) must address the vulnerabilities in accordance with 33 CFR 105.400 and 106.400.

NIST Special Publication 800-82

Guide to Industrial Control Systems (ICS) Security Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC)

Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

The Cybersecurity and Infrastructure Security Agency (CISA) is committed to leading the response to cybersecurity incidents and vulnerabilities to safeguard the nation's critical assets. Section 6 of Executive Order 14028 directed DHS, via CISA, to “develop a standard set of operational procedures (playbook) to be used in planning and conducting cybersecurity vulnerability and incident response activity respecting Federal Civilian Executive Branch (FCEB) Information Systems.”

CISA Known Exploited Vulnerabilities

A catalog populated by the Cybersecurity and Infrastructure Security Agency (CISA) of known exploited vulnerabilities, listed by Common Vulnerabilities and Exposure (CVE) number. 

CISA Stop Ransomware

A catalog of Cybersecurity and Infrastructure Security Agency (CISA) resources are designed to help individuals and organizations prevent attacks that can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services.

CISA Industrial Control Systems Training

A catalog of training opportunities for Operational Technology and Industrial Control System cybersecurity and risk management, provided by the Cybersecurity and Infrastructure Security Agency (CISA)

MITRE Common Vulnerabilities and Exposures Lists

The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.

Infragard

InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard’s membership includes: business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia and state and local law enforcement—all dedicated to contributing industry-specific insight and advancing national security.