Current events are demonstrating the critical role of cybersecurity planning. The Coast Guard cyber team ensures that the nation’s maritime infrastructure stays open for business.
Members of Coast Guard Cyber Command (CGCYBER) are responsible for securing Coast Guard networks (including VDI and VPN), as well as systems (e.g., tactical systems on board cutters and sensors in ports), to protect against outside intrusion.
As a sector-specific agency in the Transportation Sector Specific Plan – 2015, the Coast Guard, specifically CGCYBER, has a unique responsibility to protect the Marine Transportation System (formerly known as the Maritime Transportation System) from cyber threats as well.
Securing such a large and complex maritime environment is no easy feat.
“Gaps in physical security can lead to cyber compromise, even in disconnected systems,” explained blue team branch chief Lt. Kenneth Miltenberger of CGCYBER. “This requires Coast Guard operators to stay vigilant and practice good [operational security].”
Cybersecurity “blue teams” are the people responsible for monitoring networks and systems to protect them from outside threats by ensuring systems are as up-to-date and secure as possible. Miltenberger, as the blue team branch chief, is responsible for managing some of the coast’s best and brightest, who, combined, are certified to the highest industry standards.
The team is divided into three sections, each with a specific mission: assessments, application security, and vulnerability assessment.
The assessments section is the primary deployable arm of the blue team; its members travel for on-site assessments of networks and systems. The application security section specializes in web, mobile, and cloud security, and is responsible for enterprise web scanning and web penetration testing. Finally, the vulnerability assessment team is responsible for local and enterprise scanning, attempting to locate possible points of intrusion that adversaries can use.
To aid the Marine Transportation System (MTS) at large, the Coast Guard developed the U.S. Coast Guard Cyber Protection Team (CPT). Consisting of three teams of active-duty Coast Guard cybersecurity professionals, the CPT assesses networks and systems for potential vulnerabilities, hunts within systems to find adversarial activity, clears any malicious code or software from compromised networks or systems, and hardens networks and systems by providing security recommendations to operators.
The CPT’s mission is to enhance the resiliency of the MTS against cyber disruption through consistent proactive engagements with public and private industry organizations.
“Federal relationships with industry are more important than ever to defending our critical infrastructure,” said Miltenberger.
To this end, the Coast Guard Maritime Commons reminds owners and operators of facilities regulated under the Maritime Transportation Security Act of 2002 (MTSA) to comply with the updated Navigation and Vessel Inspection Circular (NVIC) No. 01-20: Guidelines for Addressing Cyber at MTSA Regulated Facilities, which requires cyber to be incorporated into Facility Security Assessments (FSAs) and Facility Security Plans (FSPs) no later than Oct. 1, 2021. For more information on exactly how to do this, please see the resources below.
The CPT’s ability to deploy globally wherever needed and the blue team’s vigilance in securing Coast Guard networks and systems are critical steps toward realizing the goals of the Coast Guard’s Cyber Strategy and the Department of Homeland Security’s National Infrastructure Protection Plan, ultimately keeping Americans safe and the international supply chain open for business.
“Defending legacy operational technology systems can be a challenge,” Miltenberger said about the challenges of defending both the Coast Guard’s existing systems, which are older, and the MTS at large. “Defense in depth starting with strong physical security and operator cyber awareness is paramount. CGCYBER is engaging our acquisition and engineering teams early to build in security from the ground up.”
Cyber incidents can be scary—due to both their real and perceived risks to security, either physical or financial. The current concerns over the gasoline supply reflect how quickly one intrusion can turn into a full-blown crisis.
Despite facing challenges, CGCYBER is committed to defending both the service and the nation from these types of threats and continues to mature its individuals and its processes to reflect and respond to the changing threats of this new battlefield landscape.
Additional Resources:
- Please email for more information regarding the U.S. Coast Guard Cyber Protection Team (CPT)
- Coast Guard Maritime Commons Blog: Marine Transportation System (MTS) cyber spotlight
- Coast Guard’s Ports and Facilities Page
- Coast Guard’s Cyber Command Page
- Facility Inspector Job Aid
- Coast Guard Cyber Strategy
- Department of Homeland Security National Infrastructure Protection Plan webpage [The full plan, plus updates, supplements, authorities, and sector specific plans can be found on the webpage.]
- Coast Guard Cyber Command Fact Sheet (CAC required)
- CGCYBER Blog (CAC required)