aeCyberSolutions has launched a series of maritime assessment services and training to help maritime facility security officers (FSOs) ensure compliance with Maritime Transportation Security Administration (MTSA), International Maritime Organization (IMO) and U.S. Coast Guard requirements and directives.
Both the IMO and MTSA Maritime Transportation Cybersecurity Assessment services have been designed to provide a comprehensive third-party cybersecurity assessment of a facility’s compliance including documentation ready for annexation into existing Facility Security Assessments (FSA) and Facility Security Plans (FSP). In the case of IMO, the service ensures compliance to the IMO MSC-FAL.1/Circ.3 guidance for addressing cyber risks at regulated facilities and for the MTSA the service ensures compliance to the corresponding U.S. Coast Guard NVIC 01-20 guidance for addressing cyber risks at MTSA regulated facilities.
“While maritime facility security officers are responsible for compliance with cybersecurity regulations, many may not have the skills, resources, or bandwidth to conduct facility cybersecurity assessments and produce the required documentation,” said John Cusimano, Vice President of aeCyberSolutions.
“Cyber-attacks on maritime transportation infrastructure can have devastating consequences, both regionally and globally. Increasing threats, vulnerabilities in legacy systems, and additional exposure introduced by new technologies (i.e., digital transformation, Internet of Things (IoT) connectivity, cloud-based technologies, remote operations) increases the likelihood of successful attacks.”
Both services include an on-scene survey to examine and evaluate existing facility cybersecurity measures, procedures, and operations. Additionally, aeSolutions will analyze the vulnerabilities found during the on-scene survey and provide recommendations to establish and prioritize the cybersecurity measures for inclusion in the FSP.
In addition to the new assessment services, aeCyberSolutions is also introducing a maritime FSO Cybersecurity Training program. Developed and instructed by experienced maritime cybersecurity experts and offered in-person or online, the training course covers cybersecurity fundamentals for maritime FSOs. Participants also will be instructed on relevant regulatory requirements, such as those established by MTSA, the U.S. Coast Guard and IMO. Additionally, course participants will learn cybersecurity principles and the “jargon” needed to communicate with internal and external cybersecurity consultants, making them better prepared to specify the services required to meet the intent of the regulations and standards. Likewise, participants will learn how to interpret the findings from a cybersecurity assessment and use those to develop a cybersecurity plan that can be annexed into the existing facility security plan.