Maritime: Oil & Natural Gas

Summary

With the help of the NCCoE, the United States Coast Guard (USCG) collaborated with industry to develop voluntary Cybersecurity Framework Profiles (CFP) to mitigate risks in their joint mission areas. Resulting in the USCG Maritime Profile, based on the NIST Cybersecurity Framework (CSF), it addresses the areas of Maritime Bulk Liquids Transfer (MBLT), Offshore Operations, and Passenger Vessel Operations. These CFPs identify and prioritize the minimum subset of Cybersecurity Framework Subcategories required to conduct operations in each context in a more secure manner, while giving organizations the flexibility to address Subcategories in whatever way makes the most sense for their unique risk posture.

These guidance documents, which the USCG will attach to future Navigation, Vessel, and Inspection Circulars, can help organizations clarify how cybersecurity fits into their mission priorities and how best to allocate resources to secure information and operational systems. Industry can then incorporate those practices into a Facilities Security Plan.

Industry organizations already implementing the CSF for internal discussions and/or mapping to their internal standards will have a natural path to incorporate the relevant profile into their risk management program. Maritime organizations interested in expanding their cybersecurity capabilities using the CSF will also be able to use this profile to help prioritize their cybersecurity activities.

Work with Us

We are building a dynamic Community of Interest (COI) to share business insights, technical expertise, challenges, and perspectives to guide future NCCoE projects in support of the Maritime and Oil & Natural Gas industry. To join or to submit an idea for a new project in this area, please email your contact information and a short note describing your interest or idea to maritime-nccoe@nist.gov.