Tuesday, January 21, 2025

Review - CG Published Maritime Cybersecurity Final Rule

Last week, the Coast Guard published a final rule in the Federal Register (90 FR 6298-6453) on Cybersecurity in the Marine Transportation System. The notice of proposed rulemaking was published on February 22nd, 2024 (see additional NPRM posts here and here – both removed from paywall). This rule updates the maritime security regulations by establishing minimum cybersecurity requirements for U.S.-flagged vessels, Outer Continental Shelf facilities, and facilities subject to the Maritime Transportation Security Act of 2002 regulations.

In addition to the obligatory cybersecurity point-of-contact requirement, the final rule requires covered ships, platforms and facilities to have a cybersecurity plan that includes:

Account security measures,

Device security measures, and

Data security measures,

Additionally, the final rule addresses,

Cybersecurity training,

Risk management,

Supply chain issues,

Resilience,

Network segmentation, and

Physical security.

Effective Date

The effective date for this final rule is July 16th, 2025.

Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */