USCG Introduces New Cybersecurity Regulation for Maritime Industry Amidst Rising Cyber Threats

Recently, experts discussed the $5.4 trillion global maritime industry’s vulnerability to cyber threats. A new government regulation, titled “Cybersecurity in the Marine Transportation System,” was introduced by the US Coast Guard (USCG) on January 17, 2025. This regulation aims to enhance cybersecurity measures for US-flagged vessels, Outer Continental Shelf (OCS) facilities, and certain facilities regulated under the Maritime Transportation Security Act of 2002 (MTSA). The integration of digital technologies within the marine transportation system has increased susceptibility to cyber threats, prompting the need for a baseline cybersecurity standard to detect, respond to, and recover from cyber incidents effectively.

The final rule applies to various entities within the marine transportation system, including US-flagged vessels, facilities subject to MTSA, and OCS facilities. It outlines critical requirements to improve cybersecurity, such as developing cybersecurity and cyber incident response plans, designating a Cybersecurity Officer (CySO), conducting training sessions, submitting plans for approval, and promptly reporting cyber incidents to the National Response Center. The USCG also allows for limited waivers or equivalence determinations for entities that can demonstrate alternative security measures that offer an equivalent level of protection.

The final rule is scheduled to take effect on July 16, 2025, but the USCG is considering a potential two-to-five-year delay in the implementation periods for US-flagged vessels. Interested parties are invited to submit comments by March 18, 2025. As the enforcement date approaches, maritime stakeholders are urged to prioritize compliance with the regulation to safeguard the critical infrastructure that supports America’s maritime economy in an increasingly perilous digital landscape. Insights into the significance of this regulation in protecting the maritime industry against evolving cyber threats have been highlighted by industry professionals.

Source