On July 11, 2017, the US Coast Guard (USCG) and the Department of Homeland Security (DHS) proposed new cybersecurity draft guidelines for Maritime Transportation Security Act (MTSA) regulated facilities. The guidelines follow the White House’s May 2017 Executive Order to strengthen the cybersecurity of critical infrastructure. The draft guidelines are open for public comment until September 11, 2017. The guidelines outline a position on addressing cybersecurity that is consistent with the National Institute for Standards and Technology (NIST) Cybersecurity Framework and other cybersecurity guidance. Similar to the Executive Order, the draft reflects a growing emphasis on mitigating cyber threats to critical infrastructure.
The guidelines are divided into two sections. One provides draft guidance on existing regulatory requirements and how they relate to cybersecurity. The second advises regulated facilities on how to implement a cyber risk management governance program.