New Coast Guard regulations may trigger a major adjustment to how operators manage certain security risks. Shutterstock image.
The Coast Guard is nearing the full implementation of new cybersecurity regulations that will enhance risk mitigation in response to the growing concerns of conducting maritime business in today’s digital landscape.
The Coast Guard is nearing the full implementation of new cybersecurity regulations that will enhance risk mitigation in response to the growing concerns of conducting maritime business in today’s digital landscape. As these new regulations can be seen as necessary to meet the ongoing operational risks facing all means of business, they also add a new function to the maritime industry, the company cyber security officer (CySO). This role, if treated to the intent of the proposed regulation, may trigger a major adjustment to how operators manage certain security risks.
Historically, our maritime security has been set around physical barriers, soft targets, and deterrence. This function has been handled with some additional training, but mostly with a familiar flavor to traditional operational safety. However, the CySO function adds, a function that isn’t just another hat to be worn by someone within the company.
Cybersecurity requires a deep understanding of the individuals working behind the scenes, often in unseen virtual or code-based environments. Businesses must now determine whether they need to hire information technology (IT) staff or expand existing IT departments into operational controls.
Some say that cybersecurity risks are limited in maritime operations, but this doesn’t fully reflect reality. Our daily interactions happen in cyberspace, from emails to text messages to financial payments and purchasing. Cyber threats present a constant risk, and this doesn’t even account for risks specific to vessel operations, such as AIS or GPS spoofing and hacking into remote onboard control systems.
Furthermore, the world is experiencing a significant shift as advances in artificial intelligence (AI) become integrated into everyday life. The cyber risks we face now even extend to what we read and who we communicate with. Programs like Microsoft Co-Pilot enable individuals to use AI to generate well-articulated content for emails, presentations, and professional media platforms like LinkedIn, potentially masking their own limited knowledge or experience.
AI risks are real, and we encounter them more each day. Our daily interactions include the uncertainty of not knowing what has been created with AI. In fact, this entire column was written using AI software … or was it?
Richard is a licensed mariner and certified TSMS, ISM & ISO lead auditor with over 25 years of domestic and international maritime experience ranging from deep sea, tugs & towing, and passenger vessels, with emphasis in hospitality, transportation, HSSQE, business development, and management system implementation and oversight.
Richard currently is a senior VP at the Hornblower Group and can be reached at[email protected].
