Page 19: of Marine News Magazine (April 2024)

18 20

• Investment in Infrastructure and Onshoring Man- sharing best practices. Additionally, given the global nature ufacturing: The administration is committing over $20 of maritime operations, international cooperation is essen- billion towards U.S. port infrastructure over the next tial for establishing uniform cybersecurity standards and ? ve years, including efforts to onshore manufacturing protocols that transcend national borders.

of port cranes to mitigate reliance on foreign-produced To this end, I believe the Biden-Harris Administration’s Ex- equipment that may pose security risks. ecutive Order represents a pivotal stride towards understand- • Enhanced Collaboration and Security Measures: ing, aligning and remediating the gaps and challenges that the

The EO also emphasizes the importance of adopting cybersecurity defenses of the U.S. maritime sector currently best practices for cybersecurity in the maritime sector. face. This initiative not only addresses current vulnerabilities

This includes monitoring for wireless threats, addressing but also lays the groundwork for a more resilient and secure vulnerabilities due to the integration of IT and OT and maritime infrastructure capable of combating emerging cyber implementing rigorous cybersecurity plans. threats. Overcoming the hurdles of regulatory clarity, bridg-

Despite these directives, there are very real challenges ing the gap between IT and OT security needs and bolster- that persist. Most notably is the current ambiguity sur- ing the workforce with skilled cybersecurity professionals are rounding cybersecurity regulations. The Coast Guard’s essential steps forward. Through collaborative efforts among

NVIC 01-20, for example, attempts to address these chal- government, industry and international entities, the mari- lenges by providing guidance for incorporating cybersecu- time sector can navigate these digital waters more safely. Im- rity into Facility Security Assessments (FSAs) and Facility plementing these solutions will not only safeguard national

Security Plans (FSPs), but that guidance falls short of man- security but also ensure the continuity and ef? ciency of global dating the implementation of these plans, underscoring a trade operations, making this initiative a beacon for future need for more explicit and enforceable regulations. cybersecurity endeavors in critical infrastructures.

Moreover, as mentioned previously, the integration of

IT and OT in maritime operations complicates cyberse- curity efforts, as these systems often have different security needs and are managed by separate teams within an orga- nization. Protecting these interconnected systems requires a holistic approach that considers both IT and OT vulner- abilities and allows for both teams to have visibility into how risk carries over into adjacent systems.

Lastly, and probably most critical, is the investment in human capital. The shortage of quali? ed cybersecurity professionals within the maritime sector can be mitigated through targeted training programs and partnerships with academic institutions to cultivate a new generation of mar- itime cybersecurity experts, as currently there is a very real lack of quali? ed professionals capable of addressing the growing cybersecurity across all sectors, not just maritime.

Addressing these challenges necessitates a multi-faceted strategy that includes updating and clarifying regulations, fostering a cybersecurity culture within maritime organiza- tions and investing in cybersecurity training and resources.

The Maritime Cybersecurity Methodology, which integrates the NIST Cybersecurity Framework and the ISA/IEC IACS

Cybersecurity Lifecycle model, offers a structured approach for assessing, planning, implementing and monitoring cy- bersecurity measure, and with the new EO, even more clar- ity, resources and regulation are on the horizon to help.

With that said, collaboration between government agen- cies, industry stakeholders and international partners is go- ing to be vital for enhancing cybersecurity standards and www.marinelink.com MN 19|