HackDig : Dig high-quality web security articles for hackers

U.S. Releases Cybersecurity Plan for Maritime Sector

2021-01-05 20:23

The U.S. government has released a plan with a list of top-priority items to mitigate threats and provide security to the crucial maritime sector.

The National Maritime Cybersecurity Plan, which was made public (PDF) on Tuesday, highlights several priority actions to close maritime cybersecurity gaps and vulnerabilities over the next five years.

The maritime sector, which includes hundreds of thousands of major waterways, shipyards, ports and bridges, contribute about $5.4 trillion to the U.S. gross domestic product. 

At a high level, the plan sets out priorities and goals around the establishment of global standards to define maritime threats, beefing up threat intel and information sharing, and increasing the cybersecurity workforce in the maritime sector.

OT Network Segmentation

“The proliferation of IT across the maritime sector is introducing previously unknown risks, as evidenced by the June 2017 NotPetya cyber-attack, which crippled the global maritime industry for more than a few days,” the White House said.

“This plan articulates how the United States government can best buy down the potential catastrophic risks to national security and economic prosperity,” the government said, noting that the increasing reliance on IT and OT will continue to promote maritime commerce efficiency and reliability.

The plan calls for a high priority to be placed on what is described as deconflicting government roles and responsibilities.

“Some MTS operators lack the ability to control the security of critical systems because different public and private entities own and operate these interconnected systems. Although cybersecurity standards and frameworks are widely available, businesses often lack the resources or expertise to implement them effectively, leaving them vulnerable to cybersecurity disruptions,” the U.S. government warned.

Because no single entity owns, controls, manages, or regulates businesses or networks used throughout the maritime domain, the plan calls for the NSC (National Security Council) staff to identify gaps in legal authorities and identify efficiencies to de-conflict roles and responsibilities for MTS cybersecurity standards.

The plan's other priorities include developing risk modeling to inform maritime cybersecurity standards and best practices; strengthening cybersecurity requirements in port services contracts and leasing; and improve the level of information sharing between the U.S. government and the private sector.

"Credible and actionable intelligence is required to strengthen maritime cybersecurity,” the government asserted, noting it will create mechanisms to share unclassified, and when acceptable, classified information with maritime industry stakeholders, increasing access to actionable information to protect maritime IT and OT networks.

The plan also zeroes in on producing cybersecurity specialists and a robust workforce to manage and protect port and vessel systems.

Related:

 UN Maritime Agency Hit by 'Sophisticated Cyberattack'

Related: Hackers Start Leaking Files Stolen From Shipping Giant Toll

Related: 

Maritime Cybersecurity: Securing Assets at Sea

Related

China-linked Hackers Target Engineering and Maritime Industries


Source: s-emitiram-su-desaeler-nalp-ytirucesrebyc/o11AjPz8iUd/3~/keewytiruceS/r~/moc.elgoog.yxorpdeef

“U.S. Releases Cybersecurity Plan for Maritime Sector”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud