Navigation and Vessel Inspection Circular (NVIC) 01-20; Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities

Document Headings Document headings vary by document type but may contain the following: the agency or agencies that issued and signed a document the number of the CFR title and the number of each part the document amends, proposes to amend, or is directly related to the agency docket number / agency internal file number the RIN which identifies each regulatory action listed in the Unified Agenda of Federal Regulatory and Deregulatory Actions See the Document Drafting Handbook for more details. Department of Homeland Security Coast Guard [Docket No. USCG-2016-1084] RIN 1625-ZA39 AGENCY: Coast Guard, DHS. ACTION: Notice of availability. SUMMARY: The Coast Guard announces the availability of Navigation and Vessel Inspection Circular (NVIC) 01-20, titled Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA) Regulated Facilities. This NVIC clarifies the existing MTSA requirements related to computer system and network vulnerabilities of MTSA-regulated facilities. It also provides owners and operators of the facilities with guidance on how to analyze these vulnerabilities in their required Facility Security Assessment (FSA) and address them in the Facility Security Plan (FSP). FOR FURTHER INFORMATION CONTACT: If you have questions on this notice, call or email, CDR Brandon Link, U.S. Coast Guard; telephone 202-372-1107, email Brandon.M.Link@uscg.mil . SUPPLEMENTARY INFORMATION: Discussion As discussed in the United States Coast Guard Cyber Security Strategy, released in June 2015, [ 1 ] and the draft NVIC, [ 2 ] published for public comment on July 12, 2017 ( 82 FR 32189 ), cyber security is one of the most serious economic and national security challenges for the maritime industry and our nation. Maritime facility safety and security systems, such as security monitoring, fire detection, and general alarm installations increasingly rely on computer systems and networks. While these computer systems and networks create benefits, they are inh…