Wednesday, July 12, 2017

CG Publishes Draft MTSA Cybersecurity Guidance

Today the Coast Guard published a notice in the Federal Register (82 FR 32189-32191) requesting public comments on their draft of Draft Navigation and Vessel Inspection Circular (NVIC) No. 05-17 For Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities. The draft guidelines can be found at https://homeport.uscg.mil/mycg/portal/ep/home.do > Cybersecurity > Cyber News > Draft Cyber Navigation and Vessel Inspection Circular (NVIC) 05-17 > View Document (sorry, the CG does not use actual links to documents on the Homeport site; you have to click on the links noted above to get to the document).

The Notice explains that the guidance document addresses how cybersecurity issues should be addressed under the current Facility Security Assessment (FSA) and Facility Security Plan (FSP) requirements of 33 CFR Parts 105 and 106. It does not address cybersecurity issues on vessels (33 CFR 104).

The guidance document also sets out proposed best practices for the establishment of a cyber governance and risk management program at MTSA covered facilities. A large portion of the best practices guidance is based upon the NIST Cybersecurity Framework (CSF).


The CG is soliciting public comments on the draft guidance document. Comments may be submitted via the Federal eRulemaking Portal (www.Regulations.gov; Docket # USCG-2016-1084). Comments should be submitted via September 11th, 2017.

No comments:

 
/* Use this with templates/template-twocol.html */