Coast Guard updates cyber strategy with focus on 'mission platform'

The Coast Guard wants to sharpen its focus to protect its IT and operational technology systems and maritime supply chains as part of its updated cybersecurity strategy released Aug. 3.

The update to its original 2015 cyber strategy, is largely a tonal shift, with stronger language for readiness objectives. It highlights three main themes: securing and improving resilience of the IT and OT networks, called the Enterprise Mission Platform; identifying and managing cybersecurity risks to the Maritime Transportation System, such as vulnerabilities in the supply chain; and conducting cyberspace operations across the law enforcement and military realms.

Rear Adm. Michael Ryan, the commander of the U.S. Coast Guard Cyber Command, said the strategy update aims to "send clear signals across the interagency, into the inner service space, and into the global maritime commons that cyber is real. It's a part of our operational venue, and we've got to continue to make drastic progress in this environment."

The strategy calls for continued supply chain assessments, highlighting the NotPetya cyberattack in 2017 that hit Maersk, a major cargo supplier, and caused upwards of $200 million in revenue loss.

Ryan, speaking during a cyber panel at the 2021 Sea Air Space Conference in National Harbor, Md., highlighted the need for such assessments for the private sector so they can "help themselves" by making the needed changes to harden their infrastructure especially in the wake of the Colonial Pipeline attack.

"We're engaging at the port level, in support of our field commanders, to try to get the maritime community to understand those risks and vulnerabilities," Ryan said.

"We can defend the [Department of Defense information networks] all we want and that will preserve our vital military capabilities. That's all well and good, but like Colonial Pipeline, if the underpinnings of our nation are attacked or disrupted, that's as equally disabling as if our military power cannot be projected."

Ryan told reporters that much has changed in cyberspace since the original strategy was published and the Coast Guard needed to capitalize on investments from the past three years. That includes building out the service's first two Cyber Protection Teams and expanding the capacity of a third "into the international arena."

The strategy also comes as the Coast Guard looks to incorporate and invest in more digital technologies from automation to cloud, which means a larger cyberattack surface.

"The current evolution in [Marine Transportation System] operations involves increased use of autonomous shipping, offshore platforms, and cargo facilities," the document states.

"As helpful as these new technologies are for business and supply chain operations, the advantages and complexity also increase the target surface for cyber incidents that could result in decreased military logistics, injury or death, harm to the marine environment, or disruption of vital trade activity."