Mission

The Maritime Cyber Readiness Branch (MCRB) is a component of CG Cyber that supports the cybersecurity mission in the commercial maritime transportation community. To support this mission, MCRB:

  • Works alongside CG-791 and CG-5P to develop, maintain and update strategic planning and cyber policy.
  • Uses a risked-based approach to assess threats, vulnerabilities and impact of loss to the Maritime Transportation System (MTS) to coordinate determination of the most critical data and systems.
  • Sustain strong partnerships with key MTS stakeholders to develop insight into future MTS threat vectors, and opportunities.
  • Oversee cybersecurity support to MTS operations through threat assessments, cyber infrastructure posture improvements, info sharing, and cyber domain incident awareness.
     

Cyber Protection Team

Based in Alexandria, Virginia, CPT is the Coast Guard’s deployable unit responsible for offering cybersecurity services to the Marine Transportation System (MTS).

CPT consists of three teams of active duty Coast Guard cybersecurity professionals who are trained and certified in delivering the four core CPT services: Assess, Hunt, Clear and Harden.

Role in the Marine Transportation System

A critical component of the national supply chain, the MTS is increasingly reliant on computer networks and systems for efficiency and safety.

The CPT ’s mission is to enhance the resiliency of MTS Critical Infrastructure against cyber disruption through consistent proactive engagements with public and private industry organizations. The CPT stands ready for worldwide deployment to conduct operations.

Get Started

To discuss service details and what the CPT can do for your organization, contact the CPT at MaritimeCyber@uscg.mil. Service delivery queues will be continually prioritized based on the time, nature and criticality of the request. The prioritization process prevents a disproportionate amount of resources for any specific stakeholder(s) and ensures that any data associated or lessons learned from the service provided is representative of the sector and nation.

Contact

Contact the Maritime Cyber Readiness Branch:

maritimecyber@uscg.mil

If your facility, vessel, or other maritime platform has been the victim of a cyber-attack that has resulted in a Breach of Security or a Transportation Related Security Incident, please contact the National Response Center at 1(800)424-8802. If the incident has not resulted in a pollution incident, you may also or alternatively contact the National Cybersecurity and Communications Integration Center (NCCIC) at 1(888)-282-0870

To visit the Coast Guard Cyber Command site, click here.

What’s new at the MCRB

 

Cyber Policies and Strategy

NIPP 2013

Our Nation's well-being relies upon secure and resilient critical infrastructure—the assets, systems, and networks that underpin American society. The National Infrastructure Protection Plan (NIPP)—NIPP 2013: Partnering for Critical Infrastructure Security and Resilience—outlines how government and private sector participants in the critical infrastructure community work together to manage risks and achieve security and resilience outcomes.

 

NIPP SSA Transportation

Homeland Security Presidential Directive 7 (HSPD-7) identified 17 critical infrastructure and key resources (CI/KR) sectors and designated Federal Government Sector-Specific Agencies (SSAs) for each of the sectors. Each sector is responsible for developing and submitting Sector-Specific Plans (SSPs) and sector-level performance feedback to the Department of Homeland Security (DHS) to enable national cross-sector CI/KR protection program gap assessments. SSAs are responsible for collaborating with public and private sector security partners and encouraging the development of appropriate information-sharing and analysis mechanisms within the sector. The United States Coast Guard (USCG) is designated as the Sector Specific Agency for the Maritime Transportation System mode.

Coast Guard Cyber Strategy

The Coast Guard is committed to ensuring the safety, security, and stewardship of our Nation’s waters. This commitment requires a comprehensive cyber strategy that provides a clear framework for our overall mission success.

 

CG-5P Policy Letter 08-16 Reporting Suspicious Activity and BoS

CG-5P Policy Letter 08-16: Reporting Suspicious Activity and Breaches of Security outlines the criteria, and process for suspicious activity (SA) and breach of security (BoS) identification and reporting.

 

NVIC 01-20

This Navigation and Vessel Inspection Circular (NVIC) provides guidance to facility owners and operators in complying with the requirements to assess, document, and address computer system or network vulnerabilities. In accordance with 33 CFR parts 105 and 106, which implement the Maritime Transportation Security Act (MTSA) of 2002 as codified in 46 U.S.C. Chapter 701, regulated facilities (including Outer Continental Shelf facilities) are required to assess and document vulnerabilities associated with their computer systems and networks in a Facility Security Assessment (FSA). If vulnerabilities are identified, the applicable sections of the Facility Security Plan (FSP) must address the vulnerabilities in accordance with 33 CFR 105.400 and 106.400.

Marine Safety Information Bulletins, Maritime Cyber Alerts, and Stakeholder Resources

 

Maritime Cyber Alert 02-21 TLP WHITE

 

To request access to TLP Green Maritime Cyber Alerts, submit your request to the Maritime Cyber Readiness Branch at maritimecyber@uscg.mil

NIST Special Publication 800-82

Guide to Industrial Control Systems (ICS) Security Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC)

Resources

The following are links to other resources available to enhance the cybersecurity posture of members of the maritime transportation system community

Cybersecurity Infrastructure Security Agency (CISA)

CISA Industrial Control Systems Training

MITRE Common Vulnerabilities and Exposures Lists

Infragard