The U.S. Coast Guard has officially announced a final rule to strengthen cybersecurity measures within the U.S. Marine Transportation System (MTS). Published in the Federal Register, this update addresses the growing cyber threats facing Maritime Transportation and sets new minimum cybersecurity standards for U.S.-flagged vessels, Outer Continental Shelf (OCS) facilities, and facilities regulated under the Maritime Transportation Security Act of 2002 (MTSA).
These enhanced regulations are designed to help the maritime industry proactively detect cybersecurity risks, effectively respond to incidents, and ensure swift recovery. Key components of the rule include the mandatory development and maintenance of a Cybersecurity Plan, the designation of a Cybersecurity Officer (CySO), and the implementation of various cybersecurity measures tailored to the unique challenges of maritime transportation.
The final rule is set to take effect on July 16, 2025. Furthermore, the Coast Guard is seeking industry feedback regarding a potential delay of 2 to 5 years for the implementation timeline specifically for U.S.-flagged vessels. Stakeholders wishing to comment on this potential delay should submit their input by March 18, 2025.
For detailed information about this rulemaking, please refer to the final rule available on the Federal Register or through the eRulemaking Portal at www.regulations.gov, using docket number USCG-2022-0802. Additional resources, including fact sheets and compliance guides for small entities, can be found on the Coast Guard Maritime Industry Cybersecurity Resource Website. This new rule marks a significant step forward in safeguarding the critical infrastructure of maritime transportation against evolving cyber threats.
