Ben Trowbridge, Managing Director of the Outsourcing Center, is scheduled to speak at the 2023 Port of the Future Conference in Houston, May 4-7, 2023, on How Safe is your Port? A Joint Industry and Government Team investigates port cybersecurity before an industry group.
This year’s Conference seeks to bring the leaders of 50 seaports from the United States and Canada, Europe, the Middle East, and Central and South America to Houston – to apply their vast accumulated knowledge and experiences to address the port and maritime industries’ most pressing challenges, formulate viable solutions, and highlight best practices.
Featuring keynote presentations, case studies, panels, interviews, and breakout discussions, the fourth annual Port of the Future conference is a must-attend event for Port Executives in 2023.
The 2023 Port of the Future Conference is shaped by research and innovation, advances in technology, increased dependence on automation, enhancements in data security and information sharing, and heightened environmental compliance – all impacting the ability to move cargo and people rapidly and securely across international borders.
This conference, now in its fourth year, focuses on creating and revitalizing our Nation’s seaports, infrastructure, and processes – across maritime, air, land, and cyber domains.
Participants will hear from industry leaders, government agency executives, and prominent researchers on their visions for Ports of the Future, projected trends and emerging challenges, promising research, and new, innovative technology. For more information on the event. https://portofthefutureconference.com/trowbridge.
For more about Port and Maritime Cybersecurity issues, look for future thoughts from our team in these areas.
Ports and maritime transportation infrastructures are critical components of the international trade system. With the increasing digitalization of the shipping industry, there is a growing need to address cybersecurity vulnerabilities that may compromise the integrity of these essential assets. This article delves into the importance of port and maritime cybersecurity, specifically examining the relevant United States Coast Guard (USCG) regulations and U.S. laws that govern this crucial area.
Maritime Transportation Security Act (MTSA)
The Maritime Transportation Security Act (MTSA) of 2002 (46 U.S.C. §§ 70101-70119) establishes a comprehensive national framework for the protection of the U.S. maritime transportation system. The MTSA aims to enhance the security of port facilities, vessels, and maritime infrastructure against potential cyber threats. Under the MTSA, the USCG is responsible for assessing and mitigating cybersecurity risks at port facilities and vessels.
USCG Navigation and Vessel Inspection Circular (NVIC) No. 01-20
Recognizing the increasing importance of cybersecurity in the maritime domain, the USCG published the Navigation and Vessel Inspection Circular (NVIC) No. 01-20 in 2020. This guidance document outlines how to incorporate cybersecurity measures into the required facility and vessel security plans under the MTSA. NVIC No. 01-20 emphasizes the need for a risk-based approach to cybersecurity and encourages the use of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as a basis for implementing best practices.
National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
The NIST CSF is a voluntary set of standards, guidelines, and best practices designed to help organizations manage and reduce cybersecurity risk. Although not specifically created for the maritime sector, the NIST CSF can be adapted to address cybersecurity challenges in port and maritime environments. The Framework provides a structure for organizations to identify, protect, detect, respond to, and recover from cybersecurity incidents.
Presidential Policy Directive 21 (PPD-21) and the National Infrastructure Protection Plan (NIPP)
In addition to the MTSA, Presidential Policy Directive 21 (PPD-21), issued in 2013, emphasizes the importance of strengthening the security and resilience of critical infrastructure, including maritime facilities. PPD-21 identifies 16 critical infrastructure sectors, including the transportation systems sector, which encompasses maritime transportation.
To implement PPD-21, the Department of Homeland Security (DHS) developed the National Infrastructure Protection Plan (NIPP) in 2013. The NIPP provides a coordinated approach to risk management and critical infrastructure protection, which includes maritime facilities and ports. The NIPP promotes a collaborative environment between the public and private sectors to enhance cybersecurity and resilience.
Conclusion: The increasing reliance on digital technologies in the port and maritime sectors has made cybersecurity a top priority for regulators and industry stakeholders. The United States Coast Guard, through regulations such as the MTSA and guidance documents like NVIC No. 01-20, has taken essential steps to address these concerns. Furthermore, the adoption of the NIST CSF and the implementation of PPD-21 and the NIPP demonstrate the U.S. government’s commitment to safeguarding critical infrastructure.
About the Author: Ben Trowbridge is an accomplished Outsourcing advisor with extensive experience in outsourcing and managed services. As a former EY Partner and CEO of Alsbridge, he built successful practices in Transformational Outsourcing, BPO, IT Outsourcing, and Cybersecurity Managed Services. Throughout his career, Ben has advised a broad range of clients on outsourcing and global business services strategy and transactions. As the current CEO of the Outsourcing Center, he provides valuable insights and guidance to buyers and managed services executives. Contact him at [email protected].